registry  /  @code-partner/codepipe  /  0.3.0

@code-partner/codepipe@0.3.0

**CodePipe turns your tracker tasks into reviewed pull requests.** Assign a YouTrack task to yourself — an AI agent (Claude Code) studies your codebase, proposes a solution, waits for your approval, implements it, verifies the build and opens a PR. You co

AI Security Review

scanned 3d ago · by lpm-firewall-ai

The package is an explicitly invoked orchestration CLI that can run a local Claude worker and make authenticated Git-host API requests. No unconsented install-time execution or confirmed malicious data-exfiltration path is established.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `codepipe` commands such as `up`, `worker`, or project setup.
Impact
Authorized workflow actions can create branches, push changes, and open PRs using user-provided credentials.
Mechanism
User-directed local agent, git, credential, and hub orchestration.
Rationale
Static signals reflect the documented purpose of a user-invoked developer automation CLI. Inspection found no lifecycle hook, stealth execution, unrelated exfiltration endpoint, or concrete malicious chain.
Evidence
package.jsonREADME.mddist/index.js~/.codepipe/config.json~/.codepipe/worker/config.json
Network endpoints5
hub.codepipe.devapi.github.comgitlab.com/api/v4api.bitbucket.org/2.0api.anthropic.com/v1/models?limit=1

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • `package.json` has no preinstall/install/postinstall lifecycle hook.
    • `dist/index.js` is a Node CLI entrypoint; startup only parses explicit `codepipe` commands.
    • Network calls target the configured CodePipe hub and GitHub/GitLab/Bitbucket APIs for the documented workflow.
    • `child_process` use launches the local CLI/worker and configured Claude agent under explicit commands.
    • Credential handling writes CodePipe-owned configuration beneath `~/.codepipe`; no source evidence sends harvested environment data to unrelated hosts.
    • No eval/vm/Function, hidden payload loading, or import-time destructive behavior was found in inspected files.
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    Manifest
    NoLicense
    scanned 1 file(s), 279 KB of source, external domains: api.anthropic.com, api.bitbucket.org, api.github.com, example.com, gitlab.com, hub.codepipe.dev, id.atlassian.com, your.youtrack.cloud

    Source & flagged code

    3 flagged · loading source
    dist/index.jsView file
    435`:"")}function Ed(t,e,r){let o=[],n=Je(t,`tasks/${e}/attachments`);if(ia(n))for(let i of Rd(n))o.push(i);for(let i of r)o.includes(i.name)||o.push(i.name);return o}var po=new Map;a... L436: `,{mode:384})}function Gd(t){return aa()[t]}function yt(t,e){let r=aa();r[t]=e,Bd(r)}function Lt(t,e){let r=he(e),o=Gd(t);if(o&&o!==r)throw new Error(`farm ${t} key fingerprint cha... L437: `)?e:e+`
    High
    Child Process

    Package source references child process execution.

    dist/index.jsView on unpkg · L435
    426`}function Up(t){return`codepipe/context-migration-v${t}`}function Lp(t){let e=ci(t.templateVersion),r=[`CodePipe context format migration: **v${t.templateVersion} \u2192 v${t.curr... L427: `)}async function ss(t,e,r,o){let n=sn(t);await n.pull(void 0,void 0,["--rebase"]).catch(()=>{});let i=eo(t,e);if(!i.outdated)return i;let s=Up(i.currentVersion),a=r?.branch??(awai... L428: ${l.trim()}`)}}let i=us(o);try{await i.fetch()}catch(a){let c=a instanceof Error?a.message:String(a);throw new Error(`git fetch failed in ${o} ... L430: ${y.trim()}`)}}let h=(await t.revparse(["HEAD"])).trim(),C=f?["--force-with-lease","-u","origin",a]:["-u","origin",a];return await t.push(C),await t.push([o,"--delete",n]).catch(()... L431: `)){let o=r.match(/CA Issuers - URI:\s*(https?:\/\/\S+)/i);if(o?.[1])return o[1].trim()}return null}function id(t,e,r){return new Promise((o,n)=>{let i=Ze.connect({host:t,port:e,se... L432: `)}function jd(t,e,r){let o=new Map,n=Je(t,`tasks/${e}/comments.jsonl`);if(ia(n))for(let i of Cd(n,"utf-8").split(` ... L435: `:"")}function Ed(t,e,r){let o=[],n=Je(t,`tasks/${e}/attachments`);if(ia(n))for(let i of Rd(n))o.push(i);for(let i of r)o.includes(i.name)||o.push(i.name);
    High
    Same File Env Network Execution

    A single source file combines environment access, network access, and code or shell execution; review context before blocking.

    dist/index.jsView on unpkg · L426
    426`}function Up(t){return`codepipe/context-migration-v${t}`}function Lp(t){let e=ci(t.templateVersion),r=[`CodePipe context format migration: **v${t.templateVersion} \u2192 v${t.curr... L427: `)}async function ss(t,e,r,o){let n=sn(t);await n.pull(void 0,void 0,["--rebase"]).catch(()=>{});let i=eo(t,e);if(!i.outdated)return i;let s=Up(i.currentVersion),a=r?.branch??(awai... L428: ${l.trim()}`)}}let i=us(o);try{await i.fetch()}catch(a){let c=a instanceof Error?a.message:String(a);throw new Error(`git fetch failed in ${o} ... L435: `:"")}function Ed(t,e,r){let o=[],n=Je(t,`tasks/${e}/attachments`);if(ia(n))for(let i of Rd(n))o.push(i);for(let i of r)o.includes(i.name)||o.push(i.name);return o}var po=new Map;a... L436: `,{mode:384})}function Gd(t){return aa()[t]}function yt(t,e){let r=aa();r[t]=e,Bd(r)}function Lt(t,e){let r=he(e),o=Gd(t);if(o&&o!==r)throw new Error(`farm ${t} key fingerprint cha... L437: `)?e:e+` ... L440: `,{mode:384})}import wf from"ws";var Gt=class{hubUrl;token;constructor(e,r){this.hubUrl=e,this.token=r}async register(e){let r=await fetch(`${this.hubUrl}/sandbox/register`,{method... L441: `}async function tc(t,e){if(!e.interactive)throw new Error("runInteracti
    High
    Command Output Exfiltration

    Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

    dist/index.jsView on unpkg · L426

    Findings

    3 High2 Medium5 Low
    HighChild Processdist/index.js
    HighSame File Env Network Executiondist/index.js
    HighCommand Output Exfiltrationdist/index.js
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings
    LowNo License