@lucidetech/shiprun@0.6.0

Scans your vibe-coded Next.js + Supabase app and tells you exactly what's missing to make it production-ready.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

LPM treats this as a warn-only, first-party agent-extension lifecycle risk. The package is a local security/readiness scanner with user-invoked report generation and Claude Code helper setup. The main unresolved risk is first-party AI-agent lifecycle mutation, not malware or install-time compromise.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs shiprun scan or shiprun deploy
Impact
Claude Code may run the package-owned SessionStart hook in the target repo and generated agents may influence future assistant behavior within shiprun-scoped findings.
Mechanism
The local scanner writes reports, state, and Claude Code hook/agent helper files.
Rationale
Source inspection supports a warning for first-party, user-invoked Claude control-surface setup, but not a publish block. Scanner hits for secrets/network are package-aligned detectors and documentation examples rather than embedded secrets or exfiltration.
Evidence
  • package.json
  • dist/cli.js
  • dist/hook.js
  • dist/deploy.js
  • dist/fixer.js
  • dist/checks/secrets.js
  • dist/checks/dependencies.js
  • README.md
  • SHIPRUN.md
  • shiprun-report/
  • ./.shiprun/findings.json
  • ./.shiprun/history.jsonl
  • ./.shiprun/changelog.md
  • ./.claude/settings.json
  • ./.claude/hooks/shiprun-context.cjs
  • ./.claude/context/shiprun-house-rules.md
  • ./.claude/agents/shiprun-fix-*.md
  • CLAUDE.md
  • ./.shiprun/deploy-manifest.json
  • .gitignore
  • .github/workflows/ci.yml
  • .env.example

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • dist/cli.js default scan calls ensureSessionStartHook unless --no-hook is passed.
  • dist/hook.js writes .claude/hooks/shiprun-context.cjs and registers it in .claude/settings.json SessionStart.
  • dist/deploy.js user-invoked deploy writes .claude/context, .claude/agents, and a managed CLAUDE.md block.
Evidence against
  • package.json has no preinstall/install/postinstall; prepare/prepublishOnly only run npm build.
  • Generated hook only reads .shiprun/findings.json and history.jsonl, prints a local summary, and has no network code.
  • No external network endpoints found; npm audit/git ls-files are scanner checks, not payload download or exfiltration.
  • Secret patterns in dist/checks/secrets.js are regex detectors for user project scanning, not embedded credentials.
  • Writes are documented CLI behavior for reports, local state, fix scaffolding, and Claude helper files.
Behavioral surface
Source: ChildProcess, EnvironmentVars, Filesystem, Network, Shell
Supply chain: HighEntropyStrings
Manifest: No manifest risk signals triggered.
scanned 24 file(s), 126 KB of source

Source & flagged code

2 flagged

dist/checks/secrets.js, line 18: patternName = private_key_rsa, severity = critical, matchedText = { name: .../ },

Critical: Critical Secret
Package contains a critical-looking secret pattern.

Critical: Secret Pattern
RSA private key in dist/checks/secrets.js

Findings

2 Critical, 2 Medium, 4 Low
  • Critical: Critical Secret (dist/checks/secrets.js)
  • Critical: Secret Pattern (dist/checks/secrets.js)
  • Medium: Network
  • Medium: Environment Vars
  • Low: Non Install Lifecycle Scripts
  • Low: Scripts Present
  • Low: Filesystem
  • Low: High Entropy Strings