registry  /  @hiver.sh/cli  /  0.1.26

@hiver.sh/cli@0.1.26

Command-line tool for the [Hiver](https://hiver.sh) agent runtime.

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a user-invoked Hiver CLI/inspector that starts Docker/gateway workflows and serves a local devtools UI; risky primitives are aligned with that function.

Static reason
No blocking static signals were detected.
Trigger
User runs hiver subcommands such as up, start, run, bundle, inspect, or connect
Impact
Can create project Dockerfile/.hiver.json, write ~/.hiver state/traces, start Docker containers, and proxy sandbox file/terminal data when explicitly invoked
Mechanism
CLI orchestration of Docker, Hiver gateway API calls, and local inspector server
Rationale
Static inspection found no install-time execution or unconsented mutation/exfiltration chain. The concerning filesystem, child_process, network, Docker, and local inspector behavior is activated by explicit CLI commands and matches the package's documented sandbox runtime purpose.
Evidence
package.jsonpackages/commands/bin.jspackages/commands/dist/cli.jspackages/commands/dist/commands.jspackages/commands/dist/docker.jspackages/commands/dist/run/index.jspackages/commands/dist/inspect/index.jspackages/inspector-server/dist/routes/trace.jspackages/inspector-server/dist/index.js.hiver.jsonDockerfile~/.hiver/config.json~/.hiver/traces/recording-<timestamp>.jsonl
Network endpoints7
hiver.sh/docsgithub.com/hiver-sh/hiver.gitdocs.docker.com/get-docker/get.docker.comlocalhost:10000gateway:10000localhost:5173

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • packages/inspector-server/dist/routes/trace.js reads a user-supplied JSON path when localhost inspector is running
  • packages/commands/dist/docker.js can run Docker installers including curl|sh, but only after interactive confirmation
  • packages/commands/dist/run/index.js writes Dockerfile and .hiver.json in the target project after user command/confirmation
Evidence against
  • package.json has no preinstall/install/postinstall hooks
  • packages/commands/bin.js only spawns node on packages/commands/dist/cli.js for the user-invoked bin
  • packages/commands/dist/commands.js dynamic import is constrained to a static command registry
  • network/Docker actions are explicit CLI operations for the Hiver gateway/sandbox workflow
  • no credential harvesting, stealth persistence, destructive install-time behavior, or exfiltration found
  • client eval finding is bundled React/Zod/Monaco code generation, not remote payload execution
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 59 file(s), 2.97 MB of source, external domains: cdn.jsdelivr.net, docs.docker.com, fs.internal, get.docker.com, github.com, hive.sandbox, jedwatson.github.io, json-schema.org, radix-ui.com, react.dev, www.w3.org
Oversized source lightweight scan
packages/inspector-client/dist/assets/monacoThemes-DlpR12OM.js5.10 MB file, sampled 256 KB
ChildProcessShellObfuscatedHighEntropyStringsMinifiedUrlStringscdn.jsdelivr.netgithub.com

Source & flagged code

2 flagged · loading source
packages/inspector-client/dist/assets/index-IVzKuEzE.jsView file
45* See the LICENSE file in the root directory of this source tree. L46: */function WorkerWrapper(options){let objURL;try{if(objURL=blob&&(self.URL||self.webkitURL).createObjectURL(blob),!objURL)throw"";const worker=new Worker(objURL,{name:null==options... L47: /*!
Low
Eval

Package source references a known benign dynamic code generation pattern.

packages/inspector-client/dist/assets/index-IVzKuEzE.jsView on unpkg · L45
packages/inspector-client/dist/assets/monacoThemes-DlpR12OM.jsView file
path = packages/inspector-client/dist/assets/monacoThemes-DlpR12OM.js kind = oversized_source_file sizeBytes = 5344467 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

packages/inspector-client/dist/assets/monacoThemes-DlpR12OM.jsView on unpkg

Findings

1 High3 Medium7 Low
HighOversized Source Filepackages/inspector-client/dist/assets/monacoThemes-DlpR12OM.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalpackages/inspector-client/dist/assets/index-IVzKuEzE.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License