registry  /  @devground/devground  /  1.1.0

@devground/devground@1.1.0

All devground standards in one package. Install once, get everything.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `npx devground-setup` from a project root.
Impact
Existing agent instruction files and the pre-commit hook can be replaced; `package.json` gains a `prepare` script.
Mechanism
Project configuration, Git-hook, and AI-agent instruction-file mutation.
Rationale
The scanner’s shell/install finding is a fixed, documented Husky initialization command. The package is not malicious by source evidence, but its explicit command rewrites AI-agent instruction surfaces and warrants a warning under the stated policy.
Evidence
package.jsonsetup.jsREADME.mdeslint.config.mjstsconfig.jsontsconfig.typecheck.jsoncommitlint.config.js.husky/pre-commitAGENTS.mdCLAUDE.md.cursorrules.github/copilot-instructions.md.gemini/styleguide.md

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `setup.js` is an explicitly invoked bin that creates AI-agent instruction symlinks for Claude, Cursor, Copilot, and Gemini.
  • `setup.js` replaces existing agent-control paths after unlinking them, including `CLAUDE.md`, `.cursorrules`, and `.github/copilot-instructions.md`.
  • `setup.js` modifies the caller project: `package.json`, config files, `.husky/pre-commit`, and agent instruction files.
  • `setup.js` executes `npx husky init`, creating Git-hook setup at user-command time.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or other lifecycle scripts.
  • `README.md` documents `npx devground-setup`; mutation occurs only after explicit user invocation.
  • No network client, credential/env harvesting, remote payload loading, eval, or dynamic code execution appears in inspected source.
  • The only shell command is fixed-string `npx husky init`; no user data is interpolated into it.
Behavioral surface
Source
ChildProcessFilesystemShell
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 7.33 KB of source

Source & flagged code

2 flagged · loading source
setup.jsView file
2L3: const { execSync } = require('node:child_process'); L4: const fs = require('node:fs');
High
Child Process

Package source references child process execution.

setup.jsView on unpkg · L2
164try { L165: execSync('npx husky init', { cwd: targetDir, stdio: 'pipe' }); L166: log('Husky inicializado');
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

setup.jsView on unpkg · L164

Findings

3 High1 Low
HighChild Processsetup.js
HighShell
HighRuntime Package Installsetup.js
LowFilesystem