registry  /  @10stars/config  /  17.0.6

@10stars/config@17.0.6

AI Security Review

scanned 39m ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a development configuration CLI whose project mutations require explicit commands.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs the `config` CLI, such as `config prepare` or `config linkRemote`.
Impact
May intentionally modify the invoking project's config files and dependencies; no unconsented install-time behavior is present.
Mechanism
Explicit development-tool configuration, linking, formatting, and dependency maintenance.
Rationale
Source inspection shows an explicitly invoked development CLI with package-aligned project configuration actions. Although it can execute package-manager commands and edit project files, there is no install-time execution, credential theft, exfiltration, stealth persistence, or concrete malicious chain.
Evidence
package.jsonsrc/index.tssrc/vscode-config.tssrc/manage-overrides.tssrc/linking/link-remote.tssrc/vanilla-extract/patch-vanilla-extract.ts.oxfmtrc.json.vscode/extensions.json.vscode/settings.jsonnode_modules/@vanilla-extract/integration/dist/*.jsnode_modules/*/package.json
Network endpoints1
github.com/${org}/${repo}.git

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `prepare` explicitly rewrites project config and installed Vanilla Extract files.
  • `setupOverrides` invokes `bun install` after updating project `package.json`.
  • `linkRemote` can clone package-aligned GitHub sibling repositories when explicitly invoked.
Evidence against
  • `package.json` has only `prepublishOnly`; no npm install lifecycle hook.
  • CLI actions run only after a user invokes the `config` binary and selects a command.
  • No credential harvesting, secret reads, exfiltration, eval, or remote payload loading found.
  • Network use is limited to explicit GitHub clone URLs in `linkRemote`.
  • VS Code writes are standard `.vscode/extensions.json` and `.vscode/settings.json`, not AI-agent controls.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemShell
Supply chain
UrlStrings
Manifest
NoLicense
scanned 9 file(s), 46.8 KB of source, external domains: github.com

Source & flagged code

4 flagged · loading source
src/vscode-config.tsView file
1import { execSync } from "node:child_process" L2: import fs from "node:fs/promises"
High
Child Process

Package source references child process execution.

src/vscode-config.tsView on unpkg · L1
121console.info(`Written: ${settingsPath}`) L122: execSync("bunx oxfmt", { cwd: vscodeDir, stdio: `inherit` }) L123: }
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

src/vscode-config.tsView on unpkg · L121
src/index.tsView file
matchType = previous_version_dangerous_delta matchedPackage = @10stars/config@17.0.5 matchedIdentity = npm:QDEwc3RhcnMvY29uZmln:17.0.5 similarity = 0.778 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/index.tsView on unpkg
33const getConfig = async (): Promise<Config | null> => L34: import(path.join(cwd, `10stars.config`)).catch(() => null) L35:
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/index.tsView on unpkg · L33

Findings

1 Critical3 High3 Medium5 Low
CriticalPrevious Version Dangerous Deltasrc/index.ts
HighChild Processsrc/vscode-config.ts
HighShell
HighRuntime Package Installsrc/vscode-config.ts
MediumDynamic Requiresrc/index.ts
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License