registry  /  @happyvertical/smrt-cli  /  0.38.3

@happyvertical/smrt-cli@0.38.3

Developer CLI for SMRT framework - introspection, testing, and project management

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious install-time or import-time behavior was found. The package exposes a developer CLI that can write project config/docs, run git/package-manager commands, import local project modules, and download templates only through explicit CLI commands.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User invokes smrt CLI commands such as docs:agents, docs:claude, git:init, gnode, playground:init, or runtime diagnostics.
Impact
Project files may be generated or updated as documented CLI output; no credential harvesting, persistence, exfiltration, or unconsented agent control-surface mutation was identified.
Mechanism
user-invoked developer tooling with scoped filesystem writes and command execution
Rationale
Static source inspection shows suspicious primitives are package-aligned developer CLI capabilities and are activated by explicit commands, not npm lifecycle or passive import. The Claude/agent documentation writer is documented, user-invoked, and scoped to requested output files, so it does not meet the unconsented lifecycle agent-control hijack boundary.
Evidence
package.jsonbin/smrt.jsdist/index.jsdist/commands-BS3AEVpd.jsscripts/verify-package-types-exports.jsAGENTS.mdCLAUDE.md.agents/smrt-framework.md.claude/smrt-framework.md.smrt/register.js.gitattributessrc/playground.tssrc/routes/playground/+page.sveltevite.config.tsvite.config.js
Network endpoints5
github.com/gitlab.com/bitbucket.org/registry.npmjs.orggithub.com/happyvertical/smrt.git

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no npm lifecycle hooks; bin only spawns node on dist/index.js or source fallback.
    • bin/smrt.js child_process use is a CLI wrapper forwarding user arguments to this package entrypoint.
    • dist/index.js lazy-loads command bundle and imports consumer project entry/.smrt/register.js only during CLI class discovery.
    • dist/commands-BS3AEVpd.js docs:agents/docs:claude writes .agents or .claude output only when explicitly invoked, with dry-run support.
    • dist/commands-BS3AEVpd.js template network access is user-invoked git template download limited to GitHub/GitLab/Bitbucket HTTPS with redirect validation.
    • Runtime package-manager/git/vitest spawns are tied to explicit scaffold, git:init, playground, or diagnostic commands, not install/import time.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 6 file(s), 383 KB of source, external domains: bitbucket.org, github.com, gitlab.com

    Source & flagged code

    5 flagged · loading source
    bin/smrt.jsView file
    2L3: import { spawnSync } from 'node:child_process'; L4: import { existsSync } from 'node:fs';
    High
    Child Process

    Package source references child process execution.

    bin/smrt.jsView on unpkg · L2
    dist/commands-BS3AEVpd.jsView file
    matchType = previous_version_dangerous_delta matchedPackage = @happyvertical/smrt-cli@0.37.11 matchedIdentity = npm:QGhhcHB5dmVydGljYWwvc21ydC1jbGk:0.37.11 similarity = 0.500 summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/commands-BS3AEVpd.jsView on unpkg
    4469* Security: Command and arguments are validated to prevent injection attacks. L4470: * shell: true is NOT used to avoid command injection vulnerabilities. L4471: */
    High
    Shell

    Package source references shell execution.

    dist/commands-BS3AEVpd.jsView on unpkg · L4469
    3648execSync(`git config ${configScope} merge.smrt-json.name "SMRT JSON merge driver"`, { stdio: "inherit" }); L3649: execSync(`git config ${configScope} merge.smrt-json.driver "npx smrt merge-json %O %A %B"`, { stdio: "inherit" }); L3650: changes.push(`Git merge driver configured (${options.global ? "global" : "local"})`);
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    dist/commands-BS3AEVpd.jsView on unpkg · L3648
    121} L122: const { getPackageConfig } = await import("@happyvertical/smrt-config"); L123: const { DEFAULT_CLI_CONFIG } = await import("./config-BwrFRL8L.js");
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/commands-BS3AEVpd.jsView on unpkg · L121

    Findings

    1 Critical3 High4 Medium4 Low
    CriticalPrevious Version Dangerous Deltadist/commands-BS3AEVpd.js
    HighChild Processbin/smrt.js
    HighShelldist/commands-BS3AEVpd.js
    HighRuntime Package Installdist/commands-BS3AEVpd.js
    MediumDynamic Requiredist/commands-BS3AEVpd.js
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings