registry  /  @10stars/config  /  17.0.5

@10stars/config@17.0.5

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. This is a Bun development CLI with user-invoked project setup, linting, linking, and process-management commands.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Explicit invocation of config subcommands such as prepare, linkRemote, run, or killPort.
Impact
May modify the caller's project files/node_modules or execute user-supplied commands, but no unconsented install-time behavior is present.
Mechanism
User-directed local file changes, subprocesses, and optional GitHub sibling clones.
Rationale
Static hints reflect explicit developer CLI capabilities rather than covert package behavior. The manifest has no install hook, and inspected source shows no exfiltration, stealth persistence, or unconsented AI-agent control-surface mutation.
Evidence
package.jsonsrc/index.tssrc/link-remote.tssrc/vscode-config.tssrc/link-packages.tssrc/vanilla-extract/patch-vanilla-extract.ts.oxfmtrc.json.vscode/extensions.json.vscode/settings.jsonnode_modules@vanilla-extract/integration/dist/*.js
Network endpoints1
github.com/${getOrg()}/${repo}.git

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has only prepublishOnly; no install lifecycle hook.
    • src/index.ts dispatches behavior only after an explicit CLI command.
    • src/link-remote.ts uses GitHub URLs solely for explicit linkRemote sibling cloning.
    • src/vscode-config.ts writes project-local .vscode configuration, not agent controls.
    • No credential harvesting, exfiltration, remote payload execution, or hidden binaries found.
    Behavioral surface
    Source
    ChildProcessDynamicRequireEnvironmentVarsFilesystemShell
    Supply chain
    UrlStrings
    Manifest
    NoLicense
    scanned 9 file(s), 46.0 KB of source, external domains: github.com

    Source & flagged code

    4 flagged · loading source
    src/vscode-config.tsView file
    1import { execSync } from "node:child_process" L2: import fs from "node:fs/promises"
    High
    Child Process

    Package source references child process execution.

    src/vscode-config.tsView on unpkg · L1
    121console.info(`Written: ${settingsPath}`) L122: execSync("bunx oxfmt", { cwd: vscodeDir, stdio: `inherit` }) L123: }
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    src/vscode-config.tsView on unpkg · L121
    src/link-remote.tsView file
    matchType = previous_version_dangerous_delta matchedPackage = @10stars/config@17.0.4 matchedIdentity = npm:QDEwc3RhcnMvY29uZmln:17.0.4 similarity = 0.889 summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    src/link-remote.tsView on unpkg
    85const getConfig = async (cwd: string): Promise<Config | null> => L86: import(path.join(cwd, `10stars.config`)).catch(() => null) L87:
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    src/link-remote.tsView on unpkg · L85

    Findings

    1 Critical3 High3 Medium5 Low
    CriticalPrevious Version Dangerous Deltasrc/link-remote.ts
    HighChild Processsrc/vscode-config.ts
    HighShell
    HighRuntime Package Installsrc/vscode-config.ts
    MediumDynamic Requiresrc/link-remote.ts
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowFilesystem
    LowUrl Strings
    LowNo License