Warden Scheduled Scan Results
Run: 2026-05-25T07:38:54.291Z
Commit: 857954e
Summary
| Severity | Count |
| High | 2 |
| Medium | 2 |
| Low | 2 |
Findings
src/utils/xcodebuild-domain-results.ts
BDZ-4TS Import uses .ts extension instead of .js, breaking ESM module resolution (L31) · high
The import of extractTestSummaryCountsFromXcresult uses a .ts extension; all other imports in this file use .js, and TypeScript's ESM output requires .js extensions, so this will fail at runtime with a module-not-found error.
Suggested fix: Change the .ts extension to .js to match every other import in this file.
src/utils/xcodemake.ts
MWZ-95Z Downloaded script executed without integrity verification (L62-L76) · high
The installXcodemake() function fetches an executable script from a mutable main branch ref on GitHub, writes it to disk, and marks it executable without any hash or checksum check, creating a supply-chain attack vector where a compromised upstream repo or MITM response would run arbitrary code on the user's machine.
src/utils/nskeyedarchiver-parser.ts
9LE-F28 ActiveRunDestination silently dropped when ActiveScheme is absent (L130-L133) · medium
When ActiveScheme is missing from the file (activeSchemeIdx === -1) but ActiveRunDestination exists, findDictWithKey(objects, -1) never matches any dict (UIDs are non-negative), so parentDict is undefined and the function returns early, discarding the run-destination data entirely; the same bug exists identically in parseXcuserstateBuffer (line 200).
Suggested fix: Guard the findDictWithKey call with an activeSchemeIdx !== -1 check, and fall back to searching by activeRunDestIdx when scheme is absent.
src/utils/simulator-steps.ts
VZ3-8YE Unguarded JSON.parse in findSimulatorById throws on malformed simctl output (L65-L67) · medium
If xcrun simctl list returns non-JSON output (e.g. on error or warning prefix), JSON.parse throws a SyntaxError that propagates uncaught, bypassing the { simulator: null, error } return contract every other failure path in this function follows.
src/mcp/tools/project-discovery/discover_projs.ts
XZ2-B3W Workspace boundary check uses prefix match without separator, allowing sibling-directory bypass (L90-L92) · low
The workspace-boundary guards in discover_projs.ts use startsWith(normalizedWorkspaceRoot) without appending a path separator, so a workspace root of /tmp/p would treat /tmp/p-evil/... as inside the workspace. Because workspaceRoot is itself supplied by the MCP caller, this does not grant additional capability beyond what the caller already controls, but it defeats the intent of the guard and can cause scanPath/recursive entries pointing at sibling directories (e.g. ../p-evil) to be silently accepted instead of clamped back to the workspace root.
src/utils/renderers/event-formatting.ts
E3L-GFU Unescaped filename interpolated into glob pattern in diagnostic path resolution (L213-L218) · low
In resolveDiagnosticPathCandidate, filePath extracted from compiler diagnostic output is embedded directly into the glob pattern **/${filePath} without escaping glob metacharacters (*, ?, [, {). For Swift/Objective-C source files whose names contain such characters (e.g. [Extension].swift), the pattern is interpreted as glob syntax rather than a literal filename, so globSync will not return a single literal match and resolution falls back to the unresolved raw path (or, in pathological cases, resolves to an unrelated file). Impact is limited to diagnostic display: file paths in formatted diagnostics may remain unresolved.
Generated by Warden