registry  /  @dreamy-ui/cli  /  2.1.1

@dreamy-ui/cli@2.1.1

CLI for Dreamy UI

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The CLI performs documented, explicit scaffolding actions and downloads Dreamy UI component data from its fixed registry.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs the `dreamy` CLI, especially `init`, `add`, `list`, or `diff`.
Impact
Expected project configuration and component generation; no unconsented install-time behavior was found.
Mechanism
User-invoked project scaffolding, registry fetches, and package-manager/codegen commands.
Rationale
Source inspection shows a normal UI scaffolding CLI with no lifecycle execution or concrete malicious chain. Scanner hits arise from bundled dependencies, parser control-character constants, and documented CLI behavior.
Evidence
package.jsonbin/index.jsdist/index.mjsdist/flow-Dt9d_f4q.mjsdist/yaml-CAMz1DEp.mjsREADME.mdpanda.config.tspanda.config.jspostcss.config.mjsvite.config.tstsconfig.jsoncomponents/ui
Network endpoints1
dreamy-ui.com

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `dist/index.mjs` fetches component definitions from the fixed `https://dreamy-ui.com` registry during explicit CLI commands.
  • `dist/index.mjs` invokes package-manager and Panda codegen commands only from user-invoked `init`/`add` flows.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
  • `bin/index.js` only imports `run` and executes it as the explicit `dreamy` command.
  • No source evidence of credential harvesting, environment-secret reads, exfiltration, agent-control writes, or stealth persistence.
  • The alleged YAML Unicode is a bundled parser's BOM/control-character handling, not hidden executable logic.
  • The flow-bundle secret match is TypeScript grammar/vendor code, not an embedded credential.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 16 file(s), 3.99 MB of source, external domains: dreamy-ui.com, git.io, prettier.io, www.w3.org

Source & flagged code

5 flagged · loading source
dist/flow-Dt9d_f4q.mjsView file
3patternName = aws_access_key severity = critical line = 3 matchedText = var e=Ob...it(`
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/flow-Dt9d_f4q.mjsView on unpkg · L3
3patternName = aws_access_key severity = critical line = 3 matchedText = var e=Ob...it(`
Critical
Secret Pattern

AWS access key ID in dist/flow-Dt9d_f4q.mjs

dist/flow-Dt9d_f4q.mjsView on unpkg · L3
dist/index.mjsView file
Trigger-reachable chain: manifest.exports -> dist/index.mjs Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/index.mjsView on unpkg
1import { createRequire as topLevelCreateRequire } from 'module'; L2: const require = topLevelCreateRequire(import.meta.url); L3: import*as e from"@clack/prompts";import{spinner as t}from"@clack/prompts";import{Command as n}from"commander";import{existsSync as r,mkdirSync as i,readFileSync as a}from"node:fs";...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.mjsView on unpkg · L1
dist/yaml-CAMz1DEp.mjsView file
131contains invisible/control Unicode U+FEFF (zero width no-break space) `};delete e.items,Object.assign(e,{type:n,source:t,end:[r]});break}default:{let r=`indent`in e?e.indent:-1,i=`end`in e&&Array.isArray(e.end)?e.end.filter(e=>e.type===`space`||e.type===`comment`||e.type===`newline`):[];for(let t of Object.ke
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

dist/yaml-CAMz1DEp.mjsView on unpkg · L131

Findings

4 Critical3 Medium5 Low
CriticalCritical Secretdist/flow-Dt9d_f4q.mjs
CriticalTrojan Source Unicodedist/yaml-CAMz1DEp.mjs
CriticalTrigger Reachable Dangerous Capabilitydist/index.mjs
CriticalSecret Patterndist/flow-Dt9d_f4q.mjs
MediumDynamic Requiredist/index.mjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings