registry  /  @holoscript/holorepo  /  0.6.1

@holoscript/holorepo@0.6.1

Sovereign GitHub + DB + HoloScript knowledge store with living repository portraits for agents and humans.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. Network, filesystem, database, and provider-copy behavior is exposed through explicit user-invoked CLI/API operations and configured destinations.

Static reason
One or more suspicious static signals were detected.
Trigger
Explicit CLI/API use such as `absorb sync --invoke`, database commands, delivery import with `--write`, or mirror readback.
Impact
Can perform the requested adapter, database, filesystem-copy, or provider-copy operation; no automatic install/import-time behavior or hidden persistence was found.
Mechanism
User-configured operational transports and receipt generation.
Rationale
Source inspection found a feature-rich, user-operated repository/database delivery CLI, not an unconsented execution or exfiltration chain. The scanner signals correspond to optional imports, configured environment references, and explicit transport commands.
Evidence
package.jsonbin/holorepo.mjssrc/embedder.mjssrc/absorb.mjssrc/adapter.mjssrc/db.mjssrc/delivery.mjssrc/graph.mjssrc/soul.mjssrc/participation.mjssrc/index.mjs
Network endpoints4
127.0.0.1:7411/mcpabsorb.holoscript.net/mcpregistry.npmjs.orgpypi.org

Decision evidence

public snapshot
AI called this Clean at 95.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `src/absorb.mjs` can POST explicitly requested adapter calls and sends `ABSORB_API_KEY` only for its remote mode.
  • `src/delivery.mjs` can run configured `aws`, `rclone`, `mc`, or `scp` copy commands during an explicit delivery import.
  • `src/adapter.mjs` supports user-configured PostgreSQL, Docker, and SSH database transports.
Evidence against
  • `package.json` contains no npm lifecycle hooks; install does not execute package code.
  • `bin/holorepo.mjs` gates adapter network invocation behind `absorb sync --invoke` and writes behind `--write`.
  • `src/embedder.mjs` dynamically imports only a caller-selected optional encoder; no eval, VM, or arbitrary shell loading is present.
  • `src/delivery.mjs` uses fixed command templates with `shell: false`; source shows no credential harvesting or covert exfiltration.
  • No source writes `.claude`, `.cursor`, Copilot, Codex, npm, SSH, or other AI-agent control-surface configuration.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 18 file(s), 409 KB of source, external domains: 127.0.0.1, absorb.holoscript.net, github.com, pypi.org, registry.npmjs.org

Source & flagged code

6 flagged · loading source
src/absorb.mjsView file
64patternName = generic_password severity = medium line = 64 matchedText = if (url....ed';
Medium
Secret Pattern

Package contains a possible secret pattern.

src/absorb.mjsView on unpkg · L64
src/embedder.mjsView file
17try { L18: mod = await import(encoderModule); L19: } catch {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/embedder.mjsView on unpkg · L17
src/ci.mjsView file
38patternName = generic_password severity = medium line = 38 matchedText = if (url....ed';
Medium
Secret Pattern

Hardcoded password in src/ci.mjs

src/ci.mjsView on unpkg · L38
src/git.mjsView file
37patternName = generic_password severity = medium line = 37 matchedText = if (url....ed';
Medium
Secret Pattern

Hardcoded password in src/git.mjs

src/git.mjsView on unpkg · L37
src/config.mjsView file
213patternName = generic_password severity = medium line = 213 matchedText = if (url....ed';
Medium
Secret Pattern

Hardcoded password in src/config.mjs

src/config.mjsView on unpkg · L213
254patternName = generic_password severity = medium line = 254 matchedText = redacted...d>';
Medium
Secret Pattern

Hardcoded password in src/config.mjs

src/config.mjsView on unpkg · L254

Findings

7 Medium4 Low
MediumSecret Patternsrc/absorb.mjs
MediumDynamic Requiresrc/embedder.mjs
MediumEnvironment Vars
MediumSecret Patternsrc/ci.mjs
MediumSecret Patternsrc/git.mjs
MediumSecret Patternsrc/config.mjs
MediumSecret Patternsrc/config.mjs
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings