registry  /  @deveco-test/deveco-cli  /  1.2.0-Test.3

@deveco-test/deveco-cli@1.2.0-Test.3

HarmonyOS application development command line tool

AI Security Review

scanned 8d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package exposes a user-invoked HarmonyOS development CLI that can build/run projects, manage devices, install agent skills/MCP config, and extract bundled docs.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Explicit devecocli command invocation; no install-time trigger found.
Impact
Expected project/device/build and agent-configuration side effects for a DevEco/HarmonyOS tool; no unconsented malicious behavior confirmed.
Mechanism
User-invoked CLI wrappers, local doc extraction, agent skill/MCP configuration
Rationale
Static source inspection found risky primitives, archive content, network access, and AI-agent config writes, but all are aligned with documented, explicit CLI functionality and not lifecycle/import-time abuse. The scanner's dangerous-delta and archive hints are explainable by the bundled CLI/docs and do not establish malware.
Evidence
package.jsondist/cli.jsSKILL.mdREADME.mddocs.zip~/.local/share/deveco-cli/docs~/.config/opencode/skills~/.cursor/skills~/.codebuddy/skills~/.qoder/skills~/.codex/skills.hvigor/.build-lock
Network endpoints4
matrix.openharmony.cn/api/model_base/model/tags?serviceType=skillmatrix.openharmony.cn/api/registry/skill/skillsmatrix.openharmony.cn/api/registry/skillnpm view @deveco-test/deveco-cli version

Decision evidence

public snapshot
AI called this Clean at 84.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • SKILL.md contains strong agent preference language, but it is only installed by user-invoked init/skills commands.
  • dist/cli.js can write agent skill/MCP config paths and project build artifacts when users run init, skills, serve, build, or docs commands.
  • docs.zip is a large bundled archive extracted by docs commands, but zip listing showed no absolute, traversal, script, or binary paths.
Evidence against
  • package.json has no install/postinstall hook; prepare/prepublishOnly are publisher-side/dev scripts.
  • bin dist/cli.js is a HarmonyOS CLI wrapping DevEco tools; command execution is tied to explicit CLI subcommands.
  • Network use is package-aligned: update checks npm, skills commands call matrix.openharmony.cn, docs search is local after bundled extraction.
  • Path containment checks are present for project/doc paths and downloaded skill zips verify size and SHA256 before extraction.
  • No credential harvesting, secret exfiltration, persistence, destructive lifecycle behavior, or import-time payload found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 387 KB of source, external domains: cloud.huawei.com, consumer.huawei.com, developer.huawei.com, device.harmonyos.com, legal.cloud.huawei.com, legal.cloud.huawei.com.cn, matrix.openharmony.cn, privacy.consumer.huawei.com

Source & flagged code

4 flagged · loading source
docs.zipView file
path = docs.zip kind = high_entropy_blob sizeBytes = 42072965 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

docs.zipView on unpkg
path = docs.zip kind = compressed_blob sizeBytes = 42072965 magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

docs.zipView on unpkg
path = docs.zip kind = nested_archive_needs_inspection sizeBytes = 42072965 magicHex = [redacted]
Low
Nested Archive Needs Inspection

Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

docs.zipView on unpkg
dist/cli.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @deveco-test/deveco-cli@1.2.0-Test.2 matchedIdentity = npm:QGRldmVjby10ZXN0L2RldmVjby1jbGk:1.2.0-Test.2 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/cli.jsView on unpkg

Findings

1 Critical1 High3 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/cli.js
HighShips High Entropy Blobdocs.zip
MediumEnvironment Vars
MediumShips Compressed Blobdocs.zip
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNested Archive Needs Inspectiondocs.zip