registry  /  @apex-stack/core  /  0.22.0

@apex-stack/core@0.22.0

The full-stack meta-framework for Alpine.js — CLI and runtime

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious install-time behavior was found. The main residual risk is an explicit or prompted CLI path that installs a first-party syntax-highlighting VSIX into editors including Cursor/Windsurf.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs apex new/upgrade with --vscode or accepts the interactive extension prompt.
Impact
Editor extension lifecycle change and project dependency install under user-invoked CLI commands; no evidence of payload execution or exfiltration.
Mechanism
guarded first-party editor extension install and scaffold dependency installation
Rationale
Source inspection shows no lifecycle hook, hidden import-time execution, credential harvesting, or exfiltration; scanner hits are mostly CLI scaffolding/build behavior. Because the package can install a first-party extension into AI-capable editors through a guarded user-command path, warn rather than block.
Evidence
package.jsondist/cli.jsdist/upgrade-363YDSK6.jsdist/chunk-TWAGSGFN.jsdist/mcp-CH7L4GF3.jsvscode/apex-alpine.vsixvscode/version.txttemplates/defaulttarget project package.jsontarget project .gitignore
Network endpoints3
localhost:3000/mcpapexjs.sitegithub.com/andrecorugda/apexjs

Decision evidence

public snapshot
AI called this Suspicious at 82.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • dist/chunk-TWAGSGFN.js can install bundled vscode/apex-alpine.vsix into code/cursor/windsurf/codium after prompt or --vscode.
  • dist/upgrade-363YDSK6.js has user-invoked self-update via npm view/install -g @apex-stack/core@latest.
  • dist/cli.js apex new runs package-manager install in the newly scaffolded app by default.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks.
  • vscode/apex-alpine.vsix contains only VS Code language grammar/config/icon/readme; no extension main/activation script in extension/package.json.
  • dist/chunk-TWAGSGFN.js prompts before extension install unless explicit --vscode is supplied.
  • dist/mcp-CH7L4GF3.js connects to user-specified MCP URL defaulting to localhost only.
  • No credential harvesting, exfiltration endpoints, destructive persistence, or hidden import-time execution found.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 43 file(s), 163 KB of source, external domains: 127.0.0.1, openapi.vercel.sh

Source & flagged code

8 flagged · loading source
dist/upgrade-363YDSK6.jsView file
16// src/commands/upgrade.ts L17: import { spawnSync as spawnSync2 } from "child_process"; L18: import { existsSync, mkdirSync, readdirSync, readFileSync, writeFileSync } from "fs";
High
Child Process

Package source references child process execution.

dist/upgrade-363YDSK6.jsView on unpkg · L16
50} L51: async function maybeSelfUpdate(reexecArgv, choice) { L52: if (choice === false) return false;
High
Shell

Package source references shell execution.

dist/upgrade-363YDSK6.jsView on unpkg · L50
48function installGlobalLatest() { L49: return spawnSync("npm", ["install", "-g", `${PKG}@latest`], { stdio: "inherit", shell: WIN }).status === 0; L50: } ... L62: if (!yes) { L63: log(` ${color.gray("Skipped. Update later with")} ${color.cyan(`npm i -g ${PKG}@latest`)} L64: `);
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/upgrade-363YDSK6.jsView on unpkg · L48
dist/build-ADUIMJ2V.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @apex-stack/core@0.21.0 matchedIdentity = npm:QGFwZXgtc3RhY2svY29yZQ:0.21.0 similarity = 0.930 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/build-ADUIMJ2V.jsView on unpkg
28function runtimeAlias() { L29: const req = createRequire(import.meta.url); L30: const tryResolve = (spec) => {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/build-ADUIMJ2V.jsView on unpkg · L28
vscode/apex-alpine.vsixView file
path = vscode/apex-alpine.vsix kind = high_entropy_blob sizeBytes = 33222 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

vscode/apex-alpine.vsixView on unpkg
path = vscode/apex-alpine.vsix kind = compressed_blob sizeBytes = 33222 magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

vscode/apex-alpine.vsixView on unpkg
path = vscode/apex-alpine.vsix kind = nested_archive_needs_inspection sizeBytes = 33222 magicHex = [redacted]
Low
Nested Archive Needs Inspection

Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

vscode/apex-alpine.vsixView on unpkg

Findings

1 Critical4 High5 Medium5 Low
CriticalPrevious Version Dangerous Deltadist/build-ADUIMJ2V.js
HighChild Processdist/upgrade-363YDSK6.js
HighShelldist/upgrade-363YDSK6.js
HighRuntime Package Installdist/upgrade-363YDSK6.js
HighShips High Entropy Blobvscode/apex-alpine.vsix
MediumDynamic Requiredist/build-ADUIMJ2V.js
MediumNetwork
MediumEnvironment Vars
MediumShips Compressed Blobvscode/apex-alpine.vsix
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNested Archive Needs Inspectionvscode/apex-alpine.vsix