registry  /  @opentf/web-docs  /  0.3.0

@opentf/web-docs@0.3.0

Documentation-site generator for OTF Web — themed shell components (sidebar, TOC, callouts, tabs), a build-time nav generator, and a default light/dark theme.

AI Security Review

scanned 17h ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The risky primitives are docs-generator aligned: local content reads, git metadata lookup, Pagefind indexing, and site-local runtime search loading.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User imports components or explicitly runs the docs build integration through @opentf/web tooling.
Impact
Build may read project docs/pages and write a local Pagefind search index; no exfiltration or persistence observed.
Mechanism
benign documentation-site generation and UI components
Rationale
Static source inspection shows a documentation package with build-time filesystem scanning and git metadata helpers, but no install-time execution, credential access, external network exfiltration, persistence, destructive behavior, or AI-agent control-surface mutation. Scanner hits are explained by package-aligned dynamic imports, local file reads, and BOM-tolerant frontmatter regexes.
Evidence
package.jsonindex.jsbuild/index.jsbuild/frontmatter.jsbuild/docs-nav-plugin.jsbuild/last-updated.jsbuild/last-updated-plugin.jsbuild/pagefind.jscomponents/Search.jsxapp/* page and _meta files read by build pluginsdist/**/*.html read by Pagefind indexingdist/pagefind written by Pagefind indexing

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • build/last-updated.js and build/last-updated-plugin.js invoke git via execFileSync during docs build metadata generation.
  • build/docs-nav-plugin.js dynamically imports user project _meta.js files during build, an expected config-loading path.
  • components/Search.jsx dynamically imports /pagefind/pagefind.js at runtime for site-local search.
Evidence against
  • package.json has no preinstall/install/postinstall hooks and only a test script.
  • build/frontmatter.js only reads local markdown frontmatter; the flagged invisible character is a BOM-tolerant regex marker, not bidi control flow hiding.
  • No credential, env, npm token, SSH, home-directory, or agent config harvesting found by source grep.
  • No exfiltration endpoints or outbound network APIs found in package source.
  • build/pagefind.js reads built HTML and writes a static dist/pagefind index for package-aligned search.
  • Entrypoints index.js and build/index.js only re-export components/build helpers.
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 45 file(s), 92.7 KB of source, external domains: www.w3.org

Source & flagged code

3 flagged · loading source
components/Search.jsxView file
16const path = "/pagefind/pagefind.js"; L17: pagefindPromise = import(/* @vite-ignore */ path).then(async (pf) => { L18: await pf.init?.();
Medium
Dynamic Require

Package source references dynamic require/import behavior.

components/Search.jsxView on unpkg · L16
build/frontmatter.jsView file
18contains invisible/control Unicode U+FEFF (zero width no-break space) const m = source.match(/^<U+FEFF>?---\r?\n([\s\S]*?)\r?\n---/);
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

build/frontmatter.jsView on unpkg · L18
Trigger-reachable chain: manifest.exports -> build/index.js -> build/blog-posts-plugin.js -> build/frontmatter.js Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

build/frontmatter.jsView on unpkg

Findings

2 Critical2 Medium4 Low
CriticalTrojan Source Unicodebuild/frontmatter.js
CriticalTrigger Reachable Dangerous Capabilitybuild/frontmatter.js
MediumDynamic Requirecomponents/Search.jsx
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings