registry  /  @pellux/goodvibes-tui  /  1.1.0

@pellux/goodvibes-tui@1.1.0

Terminal-native GoodVibes product for coding, operations, automation, knowledge, channels, and daemon-backed control-plane workflows.

AI Security Review

scanned 7d ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. Lifecycle setup deploys package-owned GoodVibes agent/skill content into the user's GoodVibes home and downloads platform binaries. This is an agent extension lifecycle risk, but no foreign AI-agent control surface hijack or credential exfiltration was confirmed.

Static reason
High-risk behavior combination matched malicious policy.; source matched previously finalized malicious package; routed for review
Trigger
npm/bun install postinstall; CLI launch if vendor binary missing
Impact
Installs GoodVibes-owned agent instructions/skills globally for the product and executes downloaded GoodVibes binaries on CLI use.
Mechanism
first-party GoodVibes extension deployment and release-binary download
Policy narrative
On install, the postinstall script downloads release binaries and copies bundled GoodVibes instructions, agents, and skills into the user's GoodVibes home directory. The planted content is agent-facing and global within the GoodVibes product, but source inspection found it confined to the package's own namespace rather than foreign agent configs such as Claude, Codex, Cursor, or MCP autoload files.
Rationale
The package has unconsented lifecycle deployment of first-party agent extension material, which merits a warning under the provided policy, but the writes are package-owned and package-aligned with no confirmed exfiltration, persistence outside GoodVibes, or foreign AI-agent control-surface mutation. Scanner hits around hooks, sandbox, network, and secrets map to documented TUI/daemon features rather than concrete malicious behavior.
Evidence
package.jsonscripts/postinstall.jsbin/goodvibesbin/goodvibes-daemonbin/launcher-support.js.goodvibes/GOODVIBES.md.goodvibes/agents/reviewer.md.goodvibes/skills/add-provider/SKILL.mdvendor/SHA256SUMS.txtvendor/goodvibes-*vendor/goodvibes-daemon-*~/.goodvibes/GOODVIBES.md~/.goodvibes/tui/skills/*~/.goodvibes/tui/agents/*
Network endpoints3
github.com/mgd34msu/goodvibes-tui/releases/download/v1.1.0/SHA256SUMS.txtgithub.com/mgd34msu/goodvibes-tui/releases/download/v1.1.0/goodvibes-linux-x64github.com/mgd34msu/goodvibes-tui/releases/download/v1.1.0/goodvibes-daemon-linux-x64

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • scripts/postinstall.js copies bundled .goodvibes/GOODVIBES.md, agents, and skills into ~/.goodvibes on install if absent
  • Bundled .goodvibes/GOODVIBES.md contains agent-facing operational directives
  • bin launchers can fetch release binaries on first CLI use when vendor binary is missing
Evidence against
  • Home writes stay under GoodVibes-owned ~/.goodvibes namespace, not Claude/Codex/Cursor/MCP foreign surfaces
  • scripts/check-bun.sh only validates Bun availability
  • Downloaded binaries are from package repository release URL and checked against SHA256SUMS when checksums are present
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 484 file(s), 4.41 MB of source, external domains: 127.0.0.1, 192.168.0.85, api.github.com, astral.sh, bluebubbles.local, bun.sh, cloud.debian.org, daemon.example.com, deno.land, discord.com, example.com, github.com, goodvibes-batch-worker.account.workers.dev, homeassistant.local, imessage-bridge.local, install.duckdb.org, matrix.example.com, mattermost.example.com, ntfy.sh, signal-bridge.local, slack.com, smba.trafficmanager.net

Source & flagged code

16 flagged · loading source
package.jsonView file
scripts.preinstall = sh scripts/check-bun.sh
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.preinstall = sh scripts/check-bun.sh
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
scripts.postinstall = bun scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
src/panels/builtin/session.tsView file
35patternName = generic_password severity = medium line = 35 matchedText = return l...m();
Medium
Secret Pattern

Package contains a possible secret pattern.

src/panels/builtin/session.tsView on unpkg · L35
bin/launcher-support.jsView file
2import { createHash } from 'node:crypto'; L3: import { spawnSync } from 'node:child_process'; L4: import { join } from 'node:path';
High
Child Process

Package source references child process execution.

bin/launcher-support.jsView on unpkg · L2
matchType = normalized_sha256 matchedPackage = @pellux/goodvibes-tui@0.29.0 matchedPath = bin/launcher-support.js matchedIdentity = npm:QHBlbGx1eC9nb29kdmliZXMtdHVp:0.29.0 similarity = 1.000 summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

bin/launcher-support.jsView on unpkg
src/input/commands/hooks-runtime.tsView file
120} L121: await workbench.import(path, strategy); L122: ctx.print(`Imported managed hooks from ${path} using ${strategy} strategy.`);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/input/commands/hooks-runtime.tsView on unpkg · L120
src/verification/live-verifier.tsView file
89} L90: return `http://127.0.0.1:${port}`; L91: } ... L94: return new Promise((resolveCommand) => { L95: const child = spawn(command, args, { L96: cwd, L97: env: { ...process.env, NO_COLOR: '1' }, L98: stdio: ['ignore', 'pipe', 'pipe'],
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

src/verification/live-verifier.tsView on unpkg · L89
src/runtime/sandbox-public-gaps.tsView file
2import { dirname, resolve } from 'node:path'; L3: import { spawnSync } from 'node:child_process'; L4: import { ... L191: backend: 'local', L192: command: process.env.SHELL || 'bash', L193: args: ['-lc', `echo "goodvibes sandbox ${profile.id}: ${label}"`], ... L207: readonly status: number | null; L208: readonly stdout: string; L209: readonly stderr: string; ... L367: const authorizedKeys = publicKey L368: ? ` ssh_authorized_keys:\n - ${publicKey}\n` L369: : ' # Generate keys/goodvibes_qemu_ed25519.pub before rebuilding nocloud.iso.\n';
Critical
Persistence Backdoor

Source writes persistence or remote-access backdoor material.

src/runtime/sandbox-public-gaps.tsView on unpkg · L2
scripts/check-bun.shView file
path = scripts/check-bun.sh kind = build_helper sizeBytes = 461 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

scripts/check-bun.shView on unpkg
src/input/commands/platform-sandbox-qemu.tsView file
matchType = normalized_sha256 matchedPackage = @pellux/goodvibes-tui@0.29.0 matchedPath = src/input/commands/platform-sandbox-qemu.ts matchedIdentity = npm:QHBlbGx1eC9nb29kdmliZXMtdHVp:0.29.0 similarity = 1.000 summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

src/input/commands/platform-sandbox-qemu.tsView on unpkg
src/cli/completions/generate.tsView file
matchType = normalized_sha256 matchedPackage = @pellux/goodvibes-tui@0.29.0 matchedPath = src/cli/completions/generate.ts matchedIdentity = npm:QHBlbGx1eC9nb29kdmliZXMtdHVp:0.29.0 similarity = 1.000 summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

src/cli/completions/generate.tsView on unpkg
src/cli/help.tsView file
matchType = normalized_sha256 matchedPackage = @pellux/goodvibes-tui@0.29.0 matchedPath = src/cli/help.ts matchedIdentity = npm:QHBlbGx1eC9nb29kdmliZXMtdHVp:0.29.0 similarity = 1.000 summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

src/cli/help.tsView on unpkg
src/runtime/sandbox-qemu-templates.tsView file
matchType = normalized_sha256 matchedPackage = @pellux/goodvibes-tui@0.29.0 matchedPath = src/runtime/sandbox-qemu-templates.ts matchedIdentity = npm:QHBlbGx1eC9nb29kdmliZXMtdHVp:0.29.0 similarity = 1.000 summary = normalized source hash matched finalized malicious source
High
Known Malware Source Similarity

Source file is highly similar to a previously finalized malicious package; route for source-aware review.

src/runtime/sandbox-qemu-templates.tsView on unpkg
src/runtime/onboarding/apply.tsView file
91patternName = generic_password severity = medium line = 91 matchedText = if (line...th);
Medium
Secret Pattern

Hardcoded password in src/runtime/onboarding/apply.ts

src/runtime/onboarding/apply.tsView on unpkg · L91
src/daemon/cli.tsView file
73patternName = generic_password severity = medium line = 73 matchedText = return l...m();
Medium
Secret Pattern

Hardcoded password in src/daemon/cli.ts

src/daemon/cli.tsView on unpkg · L73

Findings

1 Critical9 High10 Medium4 Low
CriticalPersistence Backdoorsrc/runtime/sandbox-public-gaps.ts
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processbin/launcher-support.js
HighShell
HighSame File Env Network Executionsrc/verification/live-verifier.ts
HighKnown Malware Source Similaritybin/launcher-support.js
HighKnown Malware Source Similaritysrc/input/commands/platform-sandbox-qemu.ts
HighKnown Malware Source Similaritysrc/cli/completions/generate.ts
HighKnown Malware Source Similaritysrc/cli/help.ts
HighKnown Malware Source Similaritysrc/runtime/sandbox-qemu-templates.ts
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumSecret Patternsrc/panels/builtin/session.ts
MediumDynamic Requiresrc/input/commands/hooks-runtime.ts
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperscripts/check-bun.sh
MediumStructural Risk Force Deep Review
MediumSecret Patternsrc/runtime/onboarding/apply.ts
MediumSecret Patternsrc/daemon/cli.ts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings