registry  /  @memberjunction/schema-engine  /  5.44.0

@memberjunction/schema-engine@5.44.0

MemberJunction Schema Engine - generic, platform-aware DDL generation for any MJ consumer (integrations, agents, developers)

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.
Trigger
Caller invokes `RuntimeSchemaManager.RunPipeline` while `ALLOW_RUNTIME_SCHEMA_UPDATE=1` is set.
Impact
A trusted caller/configuration can alter project files and database schema, execute configured commands, restart a service, and create repository changes.
Mechanism
Configured filesystem, database, process, GitHub, and restart orchestration.
Rationale
Source inspection finds no malicious installation, persistence, exfiltration, or covert execution behavior. Because it exports powerful runtime mutation and command-orchestration primitives, it warrants a warning rather than a clean firewall verdict.
Evidence
package.jsondist/index.jsdist/RuntimeSchemaManager.jsdist/MigrationFileWriter.js

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `dist/RuntimeSchemaManager.js` runs a runtime schema-update pipeline gated by `ALLOW_RUNTIME_SCHEMA_UPDATE=1`.
  • The pipeline writes migration/config/post-restart files, executes database DDL, and can invoke configured CodeGen, compile, and restart shell commands.
  • `dist/RuntimeSchemaManager.js` supports authenticated GitHub commits and pull requests through Octokit.
  • `writePostRestartFiles` writes caller-supplied paths and contents without package-local path confinement.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or bin hook.
  • `dist/index.js` only exports APIs; import has no pipeline invocation.
  • Runtime mutation requires an explicit `RunPipeline` call plus opt-in environment configuration.
  • No credential harvesting, hidden exfiltration, remote payload loading, obfuscation, or AI-agent control-surface mutation was found.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 11 file(s), 105 KB of source

Source & flagged code

2 flagged · loading source
dist/RuntimeSchemaManager.jsView file
Published source reference
Medium
Ai Review Evidence

`dist/RuntimeSchemaManager.js` runs a runtime schema-update pipeline gated by `ALLOW_RUNTIME_SCHEMA_UPDATE=1`.

dist/RuntimeSchemaManager.jsView on unpkg
Published source reference
Medium
Ai Review Evidence

`dist/RuntimeSchemaManager.js` supports authenticated GitHub commits and pull requests through Octokit.

dist/RuntimeSchemaManager.jsView on unpkg

Findings

6 Medium3 Low
MediumNetwork
MediumEnvironment Vars
MediumAi Review Evidencedist/RuntimeSchemaManager.js
MediumAi Review Evidence
MediumAi Review Evidencedist/RuntimeSchemaManager.js
MediumAi Review Evidence
LowScripts Present
LowFilesystem
LowHigh Entropy Strings