registry  /  @ngocsangairvds/vsaf  /  5.1.1

@ngocsangairvds/vsaf@5.1.1

logging step

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The package is an AI workflow/skill installer with powerful user-invoked setup and workflow execution features, but install-time behavior is limited to local package linking.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
npm install runs postinstall; vsaf init/install/run are explicit user commands
Impact
May modify project AI/MCP configuration or execute workflow shell steps only when the user invokes the CLI features.
Mechanism
local symlink/copy plus user-invoked workflow and IDE setup
Rationale
Static inspection found high-risk primitives, but they are aligned with an AI workflow/skill installer and are activated by explicit CLI commands rather than hidden install/import behavior. No credential harvesting, exfiltration, persistence, or unconsented lifecycle AI-agent control-surface mutation was confirmed.
Evidence
package.jsonscripts/postinstall.jspackages/cli/dist/index.jspackages/cli/dist/commands/install.jspackages/cli/dist/adapters/codex.jspackages/core/dist/engine/node-runner.jsnode_modules/@vsaf/corepackages/core/distproject .vsaf/project .mcp.jsonproject AGENTS.mdproject .codex/config.tomlproject .agents/skills

Decision evidence

public snapshot
AI called this Clean at 82.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json defines postinstall but script only links/copies local packages/core/dist into node_modules/@vsaf/core
  • packages/core/dist/engine/node-runner.js can execute workflow bash nodes with project env when user runs workflows
  • packages/cli/dist/commands/install.js performs explicit runtime installs such as pipx/npm/gitnexus during vsaf install
  • packages/cli/dist/adapters/codex.js and shared.js write AGENTS.md and MCP config during explicit vsaf install
Evidence against
  • scripts/postinstall.js has no network, env harvesting, or execution beyond local symlink/copy fallback
  • Main/bin entrypoints expose a DAG workflow CLI; risky child_process use is user-invoked workflow/package setup behavior
  • AI-agent config writes are tied to explicit vsaf init/install commands, not install-time mutation
  • No confirmed credential exfiltration path or malicious endpoint in inspected JS entrypoints
  • Scanner secret hits are test fixtures/documentation examples such as suspicious_markdown_file, not live secrets
  • Bundled PDF/test artifacts appear inert and not executed by package lifecycle
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStringsMinifiedProtestwareUrlStrings
ManifestNo manifest risk signals triggered.
scanned 72 file(s), 574 KB of source, external domains: aistudio.google.com, aka.ms, angular.dev, api.anthropic.com, api.openai.com, astral.sh, console.anthropic.com, generativelanguage.googleapis.com, github.com, pipx.pypa.io, platform.openai.com, www.python.org, www.w3.org

Source & flagged code

42 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
skills/vds-skill/runtime/pdf_orchestrator/tests/conftest.pyView file
194patternName = aws_access_key severity = critical line = 194 matchedText = - AKIA12... key
Critical
Critical Secret

Package contains a critical-looking secret pattern.

skills/vds-skill/runtime/pdf_orchestrator/tests/conftest.pyView on unpkg · L194
packages/core/dist/isolation/workspace-manager.jsView file
7const crypto_1 = require("crypto"); L8: const child_process_1 = require("child_process"); L9: const util_1 = require("util");
High
Child Process

Package source references child process execution.

packages/core/dist/isolation/workspace-manager.jsView on unpkg · L7
skills/vds-skill/install-deps.mjsView file
133execSync( L134: 'powershell -ExecutionPolicy Bypass -c "irm https://astral.sh/uv/install.ps1 | iex"', L135: { stdio: 'inherit' },
High
Shell

Package source references shell execution.

skills/vds-skill/install-deps.mjsView on unpkg · L133
scripts/postinstall.jsView file
7* "workspaces" from package.json). This script recreates the link so that L8: * `require('@vsaf/core')` works after `npm install -g`. L9: *
Medium
Dynamic Require

Package source references dynamic require/import behavior.

scripts/postinstall.jsView on unpkg · L7
packages/cli/dist/commands/install.jsView file
73try { L74: (0, child_process_1.execSync)('npm install @ngocsangairvds/pre-require', { cwd: projectPath, stdio: 'inherit', timeout: 120_000 }); L75: }
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

packages/cli/dist/commands/install.jsView on unpkg · L73
skills/vds-skill/runtime/markdown_orchestrator/src/vds_markdown_orchestrator/__init__.pyView file
path = skills/vds-skill/runtime/markdown_orchestrator/src/vds_markdown_orchestrator/__init__.py kind = build_helper sizeBytes = 91 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

skills/vds-skill/runtime/markdown_orchestrator/src/vds_markdown_orchestrator/__init__.pyView on unpkg
skills/vds-skill/runtime/pdf_orchestrator/cli_verification_test/test.pdfView file
path = skills/vds-skill/runtime/pdf_orchestrator/cli_verification_test/test.pdf kind = high_entropy_blob sizeBytes = 40986 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

skills/vds-skill/runtime/pdf_orchestrator/cli_verification_test/test.pdfView on unpkg
skills/vds-skill/runtime/vds_cli/tests/unit/test_cli_DOC004.pyView file
path = skills/vds-skill/runtime/vds_cli/tests/unit/test_cli_DOC004.py kind = payload_in_excluded_dir sizeBytes = 3413 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

skills/vds-skill/runtime/vds_cli/tests/unit/test_cli_DOC004.pyView on unpkg
packages/core/dist/engine/node-runner.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @ngocsangairvds/vsaf@5.1.2 matchedIdentity = npm:QG5nb2NzYW5nYWlydmRzL3ZzYWY:5.1.2 similarity = 0.917 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

packages/core/dist/engine/node-runner.jsView on unpkg
skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.pyView file
226patternName = generic_password severity = medium line = 226 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.py

skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.pyView on unpkg · L226
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView file
25patternName = generic_password severity = medium line = 25 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L25
58patternName = generic_password severity = medium line = 58 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L58
99patternName = generic_password severity = medium line = 99 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L99
119patternName = generic_password severity = medium line = 119 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L119
140patternName = generic_password severity = medium line = 140 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L140
156patternName = generic_password severity = medium line = 156 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L156
175patternName = generic_password severity = medium line = 175 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L175
216patternName = generic_password severity = medium line = 216 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L216
263patternName = generic_password severity = medium line = 263 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L263
304patternName = generic_password severity = medium line = 304 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L304
331patternName = generic_password severity = medium line = 331 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L331
357patternName = generic_password severity = medium line = 357 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L357
385patternName = generic_password severity = medium line = 385 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L385
skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.pyView file
33patternName = generic_password severity = medium line = 33 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.pyView on unpkg · L33
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView file
17patternName = generic_password severity = medium line = 17 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L17
47patternName = generic_password severity = medium line = 47 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L47
82patternName = generic_password severity = medium line = 82 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L82
102patternName = generic_password severity = medium line = 102 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L102
129patternName = generic_password severity = medium line = 129 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L129
149patternName = generic_password severity = medium line = 149 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L149
173patternName = generic_password severity = medium line = 173 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L173
197patternName = generic_password severity = medium line = 197 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L197
217patternName = generic_password severity = medium line = 217 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L217
237patternName = generic_password severity = medium line = 237 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L237
skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.pyView file
33patternName = generic_password severity = medium line = 33 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.pyView on unpkg · L33
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView file
22patternName = generic_password severity = medium line = 22 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L22
55patternName = generic_password severity = medium line = 55 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L55
85patternName = generic_password severity = medium line = 85 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L85
133patternName = generic_password severity = medium line = 133 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L133
149patternName = generic_password severity = medium line = 149 matchedText = mock_set...ass"
Medium
Secret Pattern

Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py

skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L149

Findings

2 Critical6 High37 Medium5 Low
CriticalCritical Secretskills/vds-skill/runtime/pdf_orchestrator/tests/conftest.py
CriticalPrevious Version Dangerous Deltapackages/core/dist/engine/node-runner.js
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processpackages/core/dist/isolation/workspace-manager.js
HighShellskills/vds-skill/install-deps.mjs
HighRuntime Package Installpackages/cli/dist/commands/install.js
HighShips High Entropy Blobskills/vds-skill/runtime/pdf_orchestrator/cli_verification_test/test.pdf
HighPayload In Excluded Dirskills/vds-skill/runtime/vds_cli/tests/unit/test_cli_DOC004.py
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Requirescripts/postinstall.js
MediumEnvironment Vars
MediumProtestware
MediumShips Build Helperskills/vds-skill/runtime/markdown_orchestrator/src/vds_markdown_orchestrator/__init__.py
MediumStructural Risk Force Deep Review
MediumSecret Patternskills/vds-skill/runtime/vds_cli/tests/unit/test_cli.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
MediumSecret Patternskills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings