registry  /  @hed-hog/cli  /  0.0.140

@hed-hog/cli@0.0.140

HedHog CLI tool

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Observed filesystem, shell, database, and network behavior is aligned with a project scaffolding/management CLI and requires explicit CLI commands.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs hedhog commands such as new, add, update, or dev subcommands.
Impact
Modifies the user's HedHog project and may install dependencies or run local tooling when commands are invoked.
Mechanism
project scaffolding, package download, local command execution, and database migration management
Rationale
Static inspection shows a conventional HedHog project CLI with powerful but user-invoked scaffolding, install, migration, and registry-download behavior. No install-time execution, credential exfiltration, stealth persistence, destructive foreign mutation, or AI-agent hijack behavior was found.
Evidence
package.jsondist/src/main.jsdist/src/modules/package/package.service.jsdist/src/modules/package/npmrc.service.jsdist/src/modules/runner/runner.service.jsdist/src/modules/database/database.service.jsdist/src/modules/hedhog/hedhog.service.jsdist/scripts/deploy.jshedhog.jsonlibraries/<name>libraries/<name>/.hedhog-updateapps/api/package.jsonapps/api/.envapps/admin/src/app/(app)/(libraries)/<name>apps/admin/messages/<name>apps/admin/public/libraries/<name>.npmrcpackage.tgz
Network endpoints3
registry.npmjs.org/npm.hedhog.com/community.chocolatey.org/install.ps1

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • User-invoked CLI can run shell commands via RunnerService exec/spawn in dist/src/modules/runner/runner.service.js.
  • User-invoked add/update flows download @hed-hog packages from npm registries and write into project libraries/apps paths.
  • NpmrcService reads home/project .npmrc and may rewrite UTF-16 .npmrc only after interactive prompt or explicit flow.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks; bin points to dist/src/main.js.
  • dist/src/main.js only handles --version, welcome output, and starts nest-commander CLI on user invocation.
  • Registry network is package-aligned: registry.npmjs.org and npm.hedhog.com for @hed-hog/@hed-hog-pro libraries.
  • Database credentials are parsed from project .env for local DB connections, not exfiltrated.
  • No AI-agent control-surface writes or prompt/reviewer manipulation found.
  • dist/scripts/deploy.js is a repo release helper, not a package lifecycle hook or bin entrypoint.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 54 file(s), 572 KB of source, external domains: chocolatey.org, community.chocolatey.org, docs.docker.com, github.com, hedhog.com, nodejs.org, npm.hedhog.com, pnpm.io, registry.npmjs.org, www.docker.com

Source & flagged code

2 flagged · loading source
dist/src/modules/database/database.service.jsView file
307patternName = generic_password severity = medium line = 307 matchedText = let pass...me';
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/src/modules/database/database.service.jsView on unpkg · L307
dist/scripts/deploy.jsView file
2Object.defineProperty(exports, "__esModule", { value: true }); L3: const child_process_1 = require("child_process"); L4: /**
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/scripts/deploy.jsView on unpkg · L2

Findings

4 Medium4 Low
MediumSecret Patterndist/src/modules/database/database.service.js
MediumDynamic Requiredist/scripts/deploy.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings