registry  /  @hiver.sh/cli  /  0.1.29

@hiver.sh/cli@0.1.29

Command-line tool for the [Hiver](https://hiver.sh) agent runtime.

AI Security Review

scanned 2d ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `hiver install-skill` (optionally with `--force`).
Impact
User-invoked changes to local Claude, Codex, Antigravity, or Copilot skill configuration can influence those agents' available instructions.
Mechanism
Explicit agent-skill symlink installation and optional target replacement.
Rationale
Source inspection found no malicious install-time or covert behavior. The explicit multi-agent configuration mutation is a meaningful control-surface capability and warrants a warning under the firewall policy.
Evidence
package.jsonpackages/commands/bin.jspackages/commands/dist/cli.jspackages/commands/dist/commands.jspackages/commands/dist/install-skill/index.jspackages/commands/dist/install-skill/install.jspackages/commands/dist/skills/hiver/SKILL.md

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `packages/commands/dist/commands.js` exposes explicit `install-skill`.
  • `packages/commands/dist/install-skill/install.js` detects Claude, Codex, Antigravity, and Copilot home configs.
  • Explicit command creates symlinks in agent skill directories; `--force` can remove an existing target.
Evidence against
  • `package.json` has no preinstall, install, or postinstall lifecycle hook.
  • `packages/commands/bin.js` only launches the selected CLI command.
  • `packages/commands/dist/cli.js` imports only registry-defined local command modules.
  • Installer links the bundled `packages/commands/dist/skills/hiver` directory; no remote payload fetch is present.
  • No credential harvesting or external exfiltration endpoint was found in reviewed command code.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 61 file(s), 2.98 MB of source, external domains: cdn.jsdelivr.net, docs.docker.com, fs.internal, get.docker.com, github.com, hive.sandbox, jedwatson.github.io, json-schema.org, radix-ui.com, react.dev, s3.us-west-002.backblazeb2.com, www.w3.org
Oversized source lightweight scan
packages/inspector-client/dist/assets/monacoThemes-B_8aT0rf.js5.10 MB file, sampled 256 KB
ChildProcessShellObfuscatedHighEntropyStringsMinifiedUrlStringscdn.jsdelivr.netgithub.com

Source & flagged code

3 flagged · loading source
packages/inspector-client/dist/assets/index-ByHwJMFL.jsView file
45* See the LICENSE file in the root directory of this source tree. L46: */function WorkerWrapper(options){let objURL;try{if(objURL=blob&&(self.URL||self.webkitURL).createObjectURL(blob),!objURL)throw"";const worker=new Worker(objURL,{name:null==options... L47: /*!
Low
Eval

Package source references a known benign dynamic code generation pattern.

packages/inspector-client/dist/assets/index-ByHwJMFL.jsView on unpkg · L45
packages/inspector-client/dist/assets/monacoThemes-B_8aT0rf.jsView file
path = packages/inspector-client/dist/assets/monacoThemes-B_8aT0rf.js kind = oversized_source_file sizeBytes = 5344467 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

packages/inspector-client/dist/assets/monacoThemes-B_8aT0rf.jsView on unpkg
packages/commands/dist/index.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @hiver.sh/cli@0.1.28 matchedIdentity = npm:QGhpdmVyLnNoL2NsaQ:0.1.28 similarity = 0.915 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

packages/commands/dist/index.jsView on unpkg

Findings

2 High3 Medium7 Low
HighOversized Source Filepackages/inspector-client/dist/assets/monacoThemes-B_8aT0rf.js
HighPrevious Version Dangerous Deltapackages/commands/dist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalpackages/inspector-client/dist/assets/index-ByHwJMFL.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License