registry  /  @abide/abide  /  0.50.0

@abide/abide@0.50.0

Isomorphic multimodal HTTP framework built for humans and machines in a single Bun runtime

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `abide init-agent` in a project.
Impact
Can alter AI-agent guidance for that project after a user-invoked command.
Mechanism
Writes or refreshes a bounded Abide guide block in project-root `CLAUDE.md`.
Rationale
This is an explicit-user-command AI-agent configuration mutation, which is warn-worthy under the stated policy, not concrete malware. Source inspection found no automatic or unconsented execution chain.
Evidence
package.jsonbin/abide.tssrc/initAgent.tssrc/lib/server/runtime/maybeMountInspector.tsCLAUDE.md

Decision evidence

public snapshot
AI called this Suspicious at 95.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `src/initAgent.ts` writes a marker-delimited guide into `<cwd>/CLAUDE.md`.
  • `bin/abide.ts` exposes this write through the explicit `abide init-agent` command.
Evidence against
  • `package.json` contains no `preinstall`, `install`, `postinstall`, or other lifecycle hook.
  • The agent-file write preserves surrounding content and only replaces its own fenced block.
  • No credential harvesting, exfiltration endpoint, hidden payload execution, or automatic agent-control mutation was found.
  • Dynamic inspector loading is opt-in through `ABIDE_ENABLE_INSPECTOR=true` and an explicitly installed optional package.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 831 file(s), 2.10 MB of source, external domains: 127.0.0.1, www.apple.com, www.w3.org

Source & flagged code

2 flagged · loading source
src/lib/ui/compile/parseTemplateRecovering.tsView file
57/* A line-leading static `import` in a nested script body. The `(?=\s)` requires L58: whitespace after the keyword (sparing `import.meta` and no-space `import(...)`), L59: and `(?!\s*\()` spares a dynamic `import (...)` written with whitespace before the
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/lib/ui/compile/parseTemplateRecovering.tsView on unpkg · L57
src/devEntry.tsView file
matchType = previous_version_dangerous_delta matchedPackage = @abide/abide@0.46.0 matchedIdentity = npm:QGFiaWRlL2FiaWRl:0.46.0 similarity = 0.525 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/devEntry.tsView on unpkg

Findings

1 High3 Medium4 Low
HighPrevious Version Dangerous Deltasrc/devEntry.ts
MediumDynamic Requiresrc/lib/ui/compile/parseTemplateRecovering.ts
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings