@earendil-works/pi-coding-agent Security Advisories - Npm | Ecosyste.ms: Advisories

@earendil-works/pi-coding-agent

Coding agent CLI with read, bash, edit, write tools and session management

View on github.com · View on npmjs.org

Security Advisories for @earendil-works/pi-coding-agent in npm

Moderate

1 day ago

Pi Agent: Pi loads project-local extensions without approval GSA_kwCzR0hTQS1tcXhoLTZncTctNTU4bc4ABY4L

npm @earendil-works/pi-coding-agent

High

1 day ago

Pi Agent: Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts GSA_kwCzR0hTQS1qZmd4LXd4eDgtbXA5NM4ABY4K

npm @mariozechner/pi-coding-agent, @earendil-works/pi-coding-agent

Low

1 day ago

Pi Agent: Race condition in Pi auth.json writes could expose stored credentials GSA_kwCzR0hTQS1yOTVyLXJqNnItYzM5eM4ABY4J

npm @earendil-works/pi-coding-agent, @mariozechner/pi-coding-agent

Low

2 days ago

Pi Agent: Potential XSS in HTML session exports via Markdown URL sanitization bypass GSA_kwCzR0hTQS03djVtLXByM3EtNjQ1M84ABY2m

npm @earendil-works/pi-coding-agent, @mariozechner/pi-coding-agent

Filter by Severity

Low 2 Moderate 1 High 1