Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
📦 npm

GHSA-xq7h-vwjp-5vrh

@grackle-ai/powerline Runs Without Authentication by Default

Published
Mar 25, 2026
Updated
Mar 25, 2026
Affected
1 pkg
Patched
1 / 1
Exploits
None indexed

Blast Radius

1 pkg affected

Weekly download volume for affected packages — a proxy for how broadly this vulnerability is deployed.

@grackle-ai/powerlinenpm
1Kdownloads / week

Description

Impact

When --token is not provided and GRACKLE_POWERLINE_TOKEN is not set, the PowerLine gRPC server runs with zero authentication. A warning is logged ("NO AUTH (development only)") but nothing prevents deployment in this state. Any client that can reach the PowerLine port can spawn agent sessions, access credential tokens, and execute code.

The default binding is 127.0.0.1 (loopback only), which limits exposure to the local machine. However, if PowerLine is accidentally exposed on a network (e.g., in a container or via port forwarding), the impact is critical.

Affected code:

  • packages/powerline/src/index.ts:46 — token defaults to empty string
  • packages/powerline/src/index.ts:63-76 — auth interceptor is only added when token is truthy

Patches

0.70.1

Fix: Require an explicit --no-auth flag to run without authentication, rather than defaulting to no auth when the token is empty. Throw an error if starting without a token and without --no-auth.

Workarounds

Always provide --token or set GRACKLE_POWERLINE_TOKEN when starting PowerLine. The Grackle server does this automatically when managing PowerLine lifecycle.

Resources

  • CWE-306: Missing Authentication for Critical Function
  • File: packages/powerline/src/index.ts

Affected Packages

1 total 1 fixed
EcosystemPackageVulnerable rangeFix
📦npm@grackle-ai/powerlineall versions0.70.1

Detection & mitigation playbook

Open-source dependency

  1. Detect

    Scan your dependency tree (package-lock.json, pnpm-lock.yaml, requirements.txt, go.sum, etc.) for @grackle-ai/powerline. O3's reachability analysis confirms whether the vulnerable code path is actually invoked in your application, so you act on real exposure instead of every transitive match.

  2. Fix

    Update @grackle-ai/powerline to 0.70.1 or later, then make sure no transitive (indirect) dependency still pins the vulnerable range — O3 confirms GHSA-xq7h-vwjp-5vrh is resolved across your whole dependency graph.

  3. Workarounds

    If you can't upgrade right away: gate or disable the affected feature, validate untrusted input at the boundary, and avoid passing attacker-controlled data into the vulnerable path. O3's runtime protection blocks exploitation in production as an interim safeguard until the upgrade lands.

  4. How O3 protects you

    O3 pinpoints whether GHSA-xq7h-vwjp-5vrh is reachable in your code and exactly where to fix it, then blocks exploitation in production at runtime until the patched version is deployed.

Tailored to GHSA-xq7h-vwjp-5vrh. Runtime protection reduces exposure until a permanent patch is applied and verified — it complements patching, it doesn't replace it.

Frequently Asked Questions

### Impact When `--token` is not provided and `GRACKLE_POWERLINE_TOKEN` is not set, the PowerLine gRPC server runs with **zero authentication**. A warning is logged (`"NO AUTH (development only)"`) but nothing prevents deployment in this state. Any client that can reach the PowerLine port can spawn agent sessions, access credential tokens, and execute code. The default binding is `127.0.0.1` (loopback only), which limits exposure to the local machine. However, if PowerLine is accidentally exposed on a network (e.g., in a container or via port forwarding), the impact is critical. **Affected
O3 Security · Impact-Aware SCA

Is GHSA-xq7h-vwjp-5vrh in your dependencies?

O3 detects GHSA-xq7h-vwjp-5vrh across npm dependencies and uses function-level reachability to confirm whether the vulnerable code path is actually reachable — not just present. No false positives.

Scan my dependencies How O3 SCA works