registry  /  @fugood/bricks-cli  /  2.24.11

@fugood/bricks-cli@2.24.11

BRICKS CLI - Command-line interface for BRICKS Workspace API

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Running bricks project creation or update commands
Impact
May write project AI-agent guidance files or execute package-aligned updater when the user invokes those commands
Mechanism
explicit CLI project scaffolding and self-update execution
Rationale
Source inspection supports a warn-level lifecycle/capability risk rather than malicious behavior: AI-agent file writes are explicit CLI scaffolding options, and updater execution is user-invoked and package-aligned. There is no concrete unconsented install-time mutation, stealth persistence, credential theft, or destructive action.
Evidence
package.jsonbin/bricksbin/bricks.jsbin/bricks.cmdlib/index.jslib/153.jslib/718.jslib/336.jsAGENTS.mdCLAUDE.mdGEMINI.md.github/workflows/ci.yml
Network endpoints9
cdn.bricks.tools/bricks-cli/releasecdn.bricks.tools/bricks-cli/betacdn.bricks.tools/bricks-cli/${t}/${r}registry.npmjs.org/-/package/${w}/dist-tagscontrol.bricks.toolsbank.bricks.toolsbank-beta.bricks.toolsapi.openai.com/v1api.anthropic.com/v1/messages

Decision evidence

public snapshot
AI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • lib/index.js/lib/153.js expose project creation options that include AGENTS.md and CLAUDE.md by default unless user disables them.
  • lib/718.js has a user-invoked updater that downloads install.sh/install.ps1 from cdn.bricks.tools and executes it via sh/powershell.
  • bin/bricks imports lib/index.js and runs CLI commands; no npm install/postinstall hook is present.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle scripts; only prepack build is declared.
  • bin/bricks and bin/bricks.cmd only dispatch to bun/node for bin/bricks.js.
  • Network endpoints are BRICKS service/CDN/API URLs or documented third-party provider URLs used by CLI features.
  • Auth/token handling appears tied to BRICKS profiles/workspace commands, not broad credential harvesting.
  • AI-agent files are generated by explicit project creation flow with --no-agents/--no-claude options, not install-time mutation.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
Manifest
NoLicense
scanned 27 file(s), 4.40 MB of source, external domains: activity-log-beta.bricks.tools, activity-log.bricks.tools, addons.mozilla.org, ai.google.dev, api.anthropic.com, api.openai.com, arxiv.org, auth0.bricks.tools, bank-beta.bricks.tools, bank.bricks.tools, cdn.bricks.tools, chrome.google.com, commonmark.org, control.bricks.tools, crontab.guru, d1kk0369g9vrck.cloudfront.net, developer.android.com, display-beta.bricks.tools, display.bricks.tools, display.bricks.tw, docs.anthropic.com, echarts.apache.org, en.wikipedia.org, example.com, firebase.google.com, github.com, go.apollo.dev, huggingface.co, json-schema.org, media-beta.bricks.tools, mybigday.auth0.com, openai.fm, platform.openai.com, raw.githubusercontent.com, registry.npmjs.org, rive.app, vocajs.com, www.openresponses.org, www.zombieprototypes.com, yarnpkg.com

Source & flagged code

5 flagged · loading source
lib/index.jsView file
1import{createRequire as e}from"node:module";const t=e(import.meta.url);import*as o from"ink";import*as n from"ink-picture";import*as r from"react";import*as i from"react/jsx-runtim...
High
Child Process

Package source references child process execution.

lib/index.jsView on unpkg · L1
1import{createRequire as e}from"node:module";const t=e(import.meta.url);import*as o from"ink";import*as n from"ink-picture";import*as r from"react";import*as i from"react/jsx-runtim...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

lib/index.jsView on unpkg · L1
matchType = previous_version_dangerous_delta matchedPackage = @fugood/bricks-cli@2.24.10 matchedIdentity = npm:QGZ1Z29vZC9icmlja3MtY2xp:2.24.10 similarity = 0.500 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

lib/index.jsView on unpkg
lib/886.jsView file
1export const __webpack_esm_id__=886;export const __webpack_esm_ids__=[886];export const __webpack_esm_modules__={1080:(e,t,r)=>{r.d(t,{fd:()=>o,rs:()=>n});Symbol("ZodOutput"),Symbo...
Low
Eval

Package source references a known benign dynamic code generation pattern.

lib/886.jsView on unpkg · L1
bin/bricks.cmdView file
path = bin/bricks.cmd kind = build_helper sizeBytes = 116 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

bin/bricks.cmdView on unpkg

Findings

3 High5 Medium7 Low
HighChild Processlib/index.js
HighSame File Env Network Executionlib/index.js
HighPrevious Version Dangerous Deltalib/index.js
MediumNetwork
MediumEnvironment Vars
MediumProtestware
MediumShips Build Helperbin/bricks.cmd
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvallib/886.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License