registry  /  @hiver.sh/cli  /  0.1.27

@hiver.sh/cli@0.1.27

Command-line tool for the [Hiver](https://hiver.sh) agent runtime.

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The package is an explicitly invoked Hiver/Docker CLI and local inspector.

Static reason
No blocking static signals were detected.
Trigger
User runs a `hiver` subcommand such as `connect`, `up`, `inspect`, or `bundle`.
Impact
May create `~/.hiver` config/traces and operate selected Docker or Hiver sandbox resources; no covert behavior found.
Mechanism
User-directed Docker orchestration and configured Hiver gateway access.
Rationale
Static source inspection shows no install-time execution or covert malicious chain. The sensitive operations are package-aligned, explicitly user-invoked CLI features with confirmation for Docker installation.
Evidence
package.jsonpackages/commands/bin.jspackages/commands/dist/cli.jspackages/commands/dist/commands.jspackages/commands/dist/config.jspackages/commands/dist/docker.jspackages/commands/dist/inspect/recorder.jspackages/inspector-server/dist/index.jspackages/inspector-server/dist/routes/config.jspackages/inspector-server/dist/routes/sandboxes.js~/.hiver/config.json~/.hiver/traces
Network endpoints2
localhost:10000get.docker.com

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `packages/commands/dist/docker.js` can run a Docker installer, but only after an interactive confirmation.
  • `packages/commands/dist/config.js` writes CLI state under `~/.hiver` on explicit commands.
  • `packages/commands/dist/inspect/recorder.js` records selected sandbox data to a local trace file.
Evidence against
  • `package.json` has no preinstall, install, or postinstall lifecycle hook.
  • `packages/commands/bin.js` only forwards user CLI arguments to the packaged command router.
  • `packages/commands/dist/cli.js` dynamically imports only entries from a fixed command registry.
  • Gateway traffic targets the configured Hiver URL or `http://localhost:10000`.
  • No credential harvesting, AI-agent config mutation, hidden persistence, or third-party exfiltration was found.
  • Inspector server routes proxy user-selected Hiver sandbox operations rather than execute import-time actions.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 59 file(s), 2.97 MB of source, external domains: cdn.jsdelivr.net, docs.docker.com, fs.internal, get.docker.com, github.com, hive.sandbox, jedwatson.github.io, json-schema.org, radix-ui.com, react.dev, www.w3.org
Oversized source lightweight scan
packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.js5.10 MB file, sampled 256 KB
ChildProcessShellObfuscatedHighEntropyStringsMinifiedUrlStringscdn.jsdelivr.netgithub.com

Source & flagged code

2 flagged · loading source
packages/inspector-client/dist/assets/index-BpDteTnV.jsView file
45* See the LICENSE file in the root directory of this source tree. L46: */function WorkerWrapper(options){let objURL;try{if(objURL=blob&&(self.URL||self.webkitURL).createObjectURL(blob),!objURL)throw"";const worker=new Worker(objURL,{name:null==options... L47: /*!
Low
Eval

Package source references a known benign dynamic code generation pattern.

packages/inspector-client/dist/assets/index-BpDteTnV.jsView on unpkg · L45
packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.jsView file
path = packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.js kind = oversized_source_file sizeBytes = 5344467 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.jsView on unpkg

Findings

1 High3 Medium7 Low
HighOversized Source Filepackages/inspector-client/dist/assets/monacoThemes-PBddIj7-.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalpackages/inspector-client/dist/assets/index-BpDteTnV.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License