registry  /  @deveco-test/deveco-cli  /  1.2.0

@deveco-test/deveco-cli@1.2.0

HarmonyOS application development command line tool

AI Security Review

scanned 9d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. Risky behavior is user-invoked CLI functionality for HarmonyOS development, local docs extraction, and explicit AI-agent integration setup.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs devecocli commands such as init, skills, docs, build, run, or serve mcp.
Impact
No confirmed unauthorized impact from install-time or import-time behavior.
Mechanism
benign development CLI with user-invoked tool execution and configuration writes
Rationale
Static inspection found a feature-rich HarmonyOS CLI with disclosed, user-invoked AI-agent integration and MCP configuration, but no install-time execution, credential theft, exfiltration, persistence, or unconsented control-surface mutation. Scanner flags appear driven by the bundled docs archive and dangerous-but-package-aligned CLI primitives.
Evidence
package.jsondist/cli.jsSKILL.mdREADME.mddocs.zip
Network endpoints2
matrix.openharmony.cndeveloper.huawei.com/consumer/cn/download/

Decision evidence

public snapshot
AI called this Clean at 82.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • dist/cli.js has user-invoked `init`/`skills` features that write AI-agent skills and MCP configs for cursor/opencode/codex/etc.
  • dist/cli.js performs network calls to `https://matrix.openharmony.cn` for a HarmonyOS skill registry and `npm view` for updates.
  • docs.zip is a large bundled archive extracted by the `docs` command into a user docs directory.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hook; prepare/prepublishOnly are publish-time/dev commands.
  • dist/cli.js dangerous primitives are aligned with CLI functions: DevEco tool execution, emulator/device control, MCP syntax checking, docs search, and update checks.
  • SKILL.md and README.md disclose AI-agent skill/MCP setup; no lifecycle-triggered control-surface mutation found.
  • docs.zip listing shows many `.md`/`.json` HarmonyOS documentation files, not executable payloads.
  • Path containment checks exist for project file reads and MCP check inputs in dist/cli.js.
  • No credential harvesting or exfiltration logic identified in inspected source.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 386 KB of source, external domains: cloud.huawei.com, consumer.huawei.com, developer.huawei.com, device.harmonyos.com, legal.cloud.huawei.com, legal.cloud.huawei.com.cn, matrix.openharmony.cn, privacy.consumer.huawei.com

Source & flagged code

4 flagged · loading source
docs.zipView file
path = docs.zip kind = high_entropy_blob sizeBytes = 42072965 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

docs.zipView on unpkg
path = docs.zip kind = compressed_blob sizeBytes = 42072965 magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

docs.zipView on unpkg
path = docs.zip kind = nested_archive_needs_inspection sizeBytes = 42072965 magicHex = [redacted]
Low
Nested Archive Needs Inspection

Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

docs.zipView on unpkg
dist/cli.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @deveco-test/deveco-cli@1.2.0-Test.1 matchedIdentity = npm:QGRldmVjby10ZXN0L2RldmVjby1jbGk:1.2.0-Test.1 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/cli.jsView on unpkg

Findings

1 Critical1 High3 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/cli.js
HighShips High Entropy Blobdocs.zip
MediumEnvironment Vars
MediumShips Compressed Blobdocs.zip
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNested Archive Needs Inspectiondocs.zip