AI Security Review
scanned 15d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is an interactive HubSpot starter-theme generator with expected project creation, dependency installation, HubSpot auth, and limited usage telemetry.
Static reason
One or more suspicious static signals were detected.
Trigger
User runs npx/create-cms-theme CLI and confirms prompts.
Impact
Creates a user-selected theme directory, installs dependencies, may globally install @hubspot/cli, and starts HubSpot authentication.
Mechanism
interactive project scaffolding plus HubSpot-aligned telemetry and commands
Rationale
The suspicious primitives are package-aligned for a scaffold CLI and are gated behind user execution/confirmation, with no lifecycle execution or covert exfiltration found. The telemetry is disclosed by source behavior and limited to usage metadata, not secrets or local file contents.
Evidence
package.jsondist/run.jsdist/index.jsdist/utils.jsdist/createCmsThemeUsageTracker.jstemplates/js-starter-theme/package.jsontemplates/ts-starter-theme/package.json<themeDestinationDir>/<themeName><themeDestinationDir>/<themeName>/src/theme/my-themehubspot.config.yml via hs account auth
Decision evidence
public snapshotAI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
- dist/createCmsThemeUsageTracker.js posts usage telemetry containing node version, OS, action, and TS choice via @hubspot/local-dev-lib endpoint path cms-dev-server-usage/v1/create-cms-theme.
- dist/utils.js uses child_process spawn/execSync for npm installs and hs account auth, but only after interactive CLI confirmation.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks; bin is create-cms-theme -> dist/run.js.
- dist/run.js only invokes createCmsStarterTheme; behavior is user-invoked CLI, not import-time execution except explicit run.
- dist/index.js prompts for theme name/destination, confirms actions, copies bundled JS/TS starter templates, then installs HubSpot CLI/deps and runs HubSpot auth.
- dist/utils.js file writes are limited to user-selected destinationDir copied from bundled templates and placeholder replacement.
- No credential/env harvesting, persistence, destructive deletion, dynamic eval/import, native binary loading, or reviewer/AI-agent control writes found.
- package.json dependency named path is a known npm path polyfill/runtime dependency, not evidence of builtin dependency confusion by itself.
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
Source & flagged code
1 flagged · loading sourcepackage.jsonView file
•Runtime dependency names matching Node built-ins: path
High
Node Builtin Dependency Squat
Package declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkgFindings
1 High1 Medium3 Low
HighNode Builtin Dependency Squatpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings