
@livx.cc/appwrap@0.42.1

Wrap any PWA into a native app with native capabilities (appwrap runtime + @livx.cc/native-kit).

AI Security Review

scanned 1d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established by source inspection. The risky primitives are package-aligned for a PWA-to-native wrapper CLI and are activated by explicit appwrap commands or by the generated app runtime.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.
Trigger
User runs appwrap CLI commands or the generated NativeScript app runtime
Impact
Can create project native wrapper files, CI templates, build hooks, run local build/device tools, and optionally contact user-configured backend URLs
Mechanism
User-invoked native wrapper generation/build/deploy and app bridge capabilities
Rationale
Static inspection shows a native-app wrapper CLI with powerful but expected build/deploy behavior and no install-time execution, credential harvesting, unconsented agent-control mutation, or remote code execution. Network and file operations are either user-configured or part of explicit project scaffolding/build workflows.
Evidence
package.json
src/cli.ts
src/config.ts
scripts/stage-assets.mjs
runtime/app/shell/bridge.ts
runtime/app/shell/handlers-fs.ts
runtime/app/shell/handlers-push.ts
runtime/app/shell/handlers-extended.ts
runtime/package.json
native/native/.gitignore
native/hooks/after-prepare/appwrap-signing.js
native/hooks/after-prepare/appwrap-storekit.js
.github/workflows/appwrap-release-ios.yml
.github/workflows/appwrap-pr.yml
.github/workflows/appwrap-release-android.yml
native/fastlane/Fastfile
native/fastlane/Matchfile
native/app/shell/config.ts
native/www-src/
Network endpoints (5)
github.com/Livshitz/appwrap#readme
github.com/Livshitz/appwrap/issues
appwrap.local/
localhost:9222
@livx.cc/mcp-appstores via bunx

Decision evidence

public snapshot
AI called this Clean at 88.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no install/preinstall/postinstall lifecycle hooks; only prepack/postpack publish-time scripts
    • src/cli.ts child_process use is in explicit CLI commands for NativeScript, bun, adb/xcrun/fastlane, curl, and publish workflows
    • src/cli.ts writes native wrapper files, hooks/after-prepare, and .github/workflows only during user-invoked appwrap init/sync/build/deploy flows
    • src/cli.ts dynamic imports load package manifest/capability data and user-selected appwrap config, not remote code
    • runtime/app/shell handlers expose native app capabilities to the wrapped PWA and constrain fs paths to app sandbox roots
    • No Claude/Codex/Cursor/MCP/agent control-surface writes or lifecycle persistence found
    Behavioral surface
    Source
    • Child Process
    • Dynamic Require
    • Environment Vars
    • Filesystem
    • Shell
    Supply chain
    • High Entropy Strings
    • Minified
    • Url Strings
    Manifest
    No manifest risk signals triggered.
    scanned 57 file(s), 586 KB of source, external domains: app.example.com, appwrap.local, www.apple.com

    Source & flagged code

    4 flagged
    src/cli.ts
    matchType = previous_version_dangerous_delta
    matchedPackage = @livx.cc/appwrap@0.41.0
    matchedIdentity = npm:QGxpdnguY2MvYXBwd3JhcA:0.41.0
    similarity = 0.923
    summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    src/cli.ts
    L10: */
    L11: import { execFileSync, spawn } from 'child_process';
    L12: import { cpSync, existsSync, mkdirSync, openSync, closeSync, readdirSync, readFileSync, readSync, rmSync, statSync, writeFileSync, writeSync } from 'fs';
    High
    Child Process

    Package source references child process execution.

    src/cli.ts · L10
    L1731: if (!existsSync(join(outDir, 'node_modules'))) {
    L1732:   console.log(`▶ bun install (cwd: ${outDir})`);
    L1733:   execFileSync('bun', ['install'], { cwd: outDir, stdio: 'inherit', env });
    L1734: }
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    src/cli.ts · L1731
    runtime/app/shell/handlers-extended.ts
    L187: // ── secure storage (Keychain/Keystore via @nativescript/secure-storage) ──
    L188: const secure = new (require('@nativescript/secure-storage').SecureStorage)();
    L189: bridge.register('storage.secure.get', async ({ key }: { key: string }) =>
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    runtime/app/shell/handlers-extended.ts · L187

    Findings

    1 Critical · 3 High · 3 Medium · 4 Low
    Critical: Previous Version Dangerous Delta (src/cli.ts)
    High: Child Process (src/cli.ts)
    High: Shell
    High: Runtime Package Install (src/cli.ts)
    Medium: Dynamic Require (runtime/app/shell/handlers-extended.ts)
    Medium: Environment Vars
    Medium: Structural Risk Force Deep Review
    Low: Scripts Present
    Low: Filesystem
    Low: High Entropy Strings
    Low: Url Strings