registry  /  @cr8rcho/alkahest  /  0.1.38

@cr8rcho/alkahest@0.1.38

Screen-graph CLI that reverse-engineers a product from code (React/Next static analysis → product map)

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious attack surface. Network, filesystem, package-manager, and Git-hook actions are tied to explicit CLI commands and documented package functions.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `alkahest publish`, `login`, `update`, `hook install`, `scan`, or `view`.
Impact
May save a token, upload a selected map, write `.alkahest` output, modify local Git hooks, or update this package when the user requests it.
Mechanism
Explicit CLI publishing, local analysis output, optional Git hooks, and self-update.
Rationale
The flagged primitives implement documented, user-invoked CLI capabilities rather than install-time or stealth behavior. Static inspection found no credential harvesting beyond an explicitly supplied service token and no unconsented foreign control-surface mutation.
Evidence
package.jsondist/cli.jsdist/commands/update.jsdist/commands/hook.jsdist/core/credentials.jsdist/core/publish.jsdist/core/serve.jsdist/core/version.js~/.alkahest/credentials.json~/.alkahest/update-check.json<projectRoot>/.alkahest/map.json<projectRoot>/.alkahest/index.html<projectRoot>/.git/hooks/post-commit<projectRoot>/.git/hooks/post-merge
Network endpoints2
ytcmzkrvtomtcrcyqqcb.supabase.co/functions/v1api.github.com/repos/cr8rcho/alkahest-cli/releases/latest

Decision evidence

public snapshot
AI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `dist/commands/update.js` explicitly runs `git pull` and `npm install` only via `alkahest update`.
  • `dist/commands/hook.js` writes marked post-commit/post-merge hooks only via `alkahest hook install`.
  • `dist/core/credentials.js` stores a user-provided publish token in `~/.alkahest/credentials.json`.
Evidence against
  • `package.json` has no preinstall/install/postinstall hook; `prepare` only invokes the missing source build assets.
  • `dist/cli.js` exposes update, hook, login, publish, and MCP behavior as explicit commands.
  • `dist/core/serve.js` binds only to `127.0.0.1` and opens that printed local URL.
  • `dist/core/publish.js` sends the scanned map only after explicit publish and token resolution.
  • No eval, VM execution, opaque payload loading, or foreign AI-agent config writes were found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 55 file(s), 342 KB of source, external domains: 127.0.0.1, api.github.com, ytcmzkrvtomtcrcyqqcb.supabase.co

Source & flagged code

3 flagged · loading source
dist/core/serve.jsView file
3import { extname, resolve } from "node:path"; L4: import { spawn } from "node:child_process"; L5: import { platform } from "node:os";
High
Child Process

Package source references child process execution.

dist/core/serve.jsView on unpkg · L3
dist/commands/update.jsView file
23console.log("[alkahest] update by reinstalling the latest from npm:"); L24: console.log(` npm install -g ${pkgName}@latest`); L25: return; L26: } L27: const run = (cmd, args) => execFileSync(cmd, args, { cwd: pkgRoot, stdio: "inherit" }); L28: try {
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/commands/update.jsView on unpkg · L23
dist/core/publish.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @cr8rcho/alkahest@0.1.37 matchedIdentity = npm:QGNyOHJjaG8vYWxrYWhlc3Q:0.1.37 similarity = 0.943 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/core/publish.jsView on unpkg

Findings

1 Critical3 High3 Medium5 Low
CriticalPrevious Version Dangerous Deltadist/core/publish.js
HighChild Processdist/core/serve.js
HighShell
HighRuntime Package Installdist/commands/update.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings