Safety notes
Review required
Claude Code tool/API shim for Pi. Powerful compatibility layer; inspect before installing.
Claude Code tool/API shim for Pi. Powerful compatibility layer; inspect before installing.
Static scan findings
This is a first-pass static screen, not a formal audit. It flags patterns worth reading before install.
MEDIUM · token_access
README.md
| `WebSearch` | `WebSearch.ts` | Web search via Brave Search API (requires `BRAVE_API_KEY`) |export BRAVE_API_KEY="your-key-here" # add to ~/.profile or ~/.zprofile
MEDIUM · token_access
CHANGELOG.md
- `extensions/WebSearch.ts` — `WebSearch` shim via Brave Search API (requires `BRAVE_API_KEY`; graceful degradation when not set)
MEDIUM · spawn_shell
extensions/Agent.ts
import { execFileSync } from "node:child_process";
MEDIUM · spawn_shell
extensions/Grep.ts
import { execFile } from "node:child_process";
MEDIUM · spawn_shell
extensions/Glob.ts
import { execFile } from "node:child_process";
MEDIUM · spawn_shell
extensions/LS.ts
import { execFile } from "node:child_process";
HIGH · system_write
extensions/PlanMode.ts
/\bsystemctl\s+(start|stop|restart|enable|disable)/i,
MEDIUM · network_download
extensions/PlanMode.ts
/^\s*curl\s/i, /^\s*wget\s+-O\s*-/i,
MEDIUM · token_access
extensions/WebSearch.ts
* Requires: BRAVE_API_KEY environment variable* 4. Add to your shell profile: export BRAVE_API_KEY="your-key"* Graceful degradation: if BRAVE_API_KEY is not set, the tool loads cleanly
MEDIUM · spawn_shell
docs/migrating-from-claude-code.md
- **`PowerShell`**: Windows-only. Pi uses `bash` on all platforms.
Package scripts captured
No package scripts captured.