registry  /  @radhya/mach  /  2.0.30

@radhya/mach@2.0.30

Mach CLI: Cloud Build Orchestrator for React Native & Expo

AI Security Review

scanned 2d ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. Explicit agent installation creates a first-party background device-discovery service. It persists only after a user invokes the agent install command and exposes local endpoints on 127.0.0.1:7070.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs `mach agent install`.
Impact
Creates login/background persistence and a local device-install control surface.
Mechanism
First-party OS service registration for a local CLI agent.
Rationale
Source inspection does not support a malicious install-time or covert execution verdict. The explicit cross-platform agent persistence is a real first-party extension lifecycle risk and merits a warning under the stated policy.
Evidence
package.jsonREADME.mddist/index.jsdist/chunk-S64YFTRR.js~/Library/LaunchAgents/com.radhya.mach.agent.plist~/.config/systemd/user/com.radhya.mach.agent.service~/.mach/agent.cmd~/.mach/agent.log~/.mach/agent.error.log
Network endpoints3
127.0.0.1:7070mach-api.securejs.ingetmach.dev

Decision evidence

public snapshot
AI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `dist/index.js` implements `mach agent install` persistence.
  • Agent install writes macOS LaunchAgent, systemd, or Windows task definitions.
  • The persisted agent runs the package CLI as `agent run` and listens on localhost port 7070.
  • CLI handles user-supplied build credentials, environment files, SSH, and cloud API requests.
Evidence against
  • `package.json` has no preinstall, install, or postinstall hook.
  • Persistence is behind the explicit `mach agent install` command.
  • `README.md` documents agent start/install/uninstall and localhost-only use.
  • No source evidence of credential harvesting or unrelated outbound exfiltration was found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 6 file(s), 412 KB of source, external domains: 127.0.0.1, 169.254.169.254, api.appstoreconnect.apple.com, app.example.com, appstoreconnect.apple.com, deb.nodesource.com, developer.android.com, developer.apple.com, dl.google.com, example.com, getmach.dev, github.com, mach-api.securejs.in, www.apple.com, www.sitemaps.org

Source & flagged code

9 flagged · loading source
dist/index.jsView file
1429patternName = private_key_rsa severity = critical line = 1429 matchedText = `):n||e....----
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/index.jsView on unpkg · L1429
17`)} L18: </urlset>`}import{randomUUID as zu}from"crypto";import he from"path";import zn from"axios";import Wu from"os";import{spinner as Sr,select as Rs,confirm as Ds,isCancel as Wn,cancel ... L19: # --- Mach Cloud Build Script (Android) --- ... L32: export CI=true L33: export npm[redacted]=false L34: export npm[redacted]=true
Critical
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution with blocking evidence.

dist/index.jsView on unpkg · L17
623Trigger-reachable chain: manifest.main -> dist/index.js L623: `),Dt.info(Pt.dim("React Native Podfile fingerprint changed - clearing Pods for clean install...")),st.rmSync(g,{recursive:!0,force:!0})):$&&ac(y,w)&&(await s(`[CACHE] React Native... L624: `),Dt.info(Pt.dim("React Native Pods manifest is out of sync - clearing Pods for clean install...")),st.rmSync(g,{recursive:!0,force:!0}));let x="/opt/homebrew/bin/pod",E=st.exists... L625: `):"",f;if(r){let b=Eo.isAbsolute(r)?r:Eo.resolve(process.cwd(),r);Ao.existsSync(b)?(f=Ao.readFileSync(b,"utf-8"),Tn.info(bo.magenta(`\u2713 Loaded preBuild hook: ${r}`))):Tn.warn(... ... L631: {{ENV_VARS}} L632: `).replace("{{FRAMEWORK_ANDROID_VERSION_CODE}}",s.androidRemoteVersionCodeScript().trim()).replace("{{FRAMEWORK_ANDROID_PREBUILD}}",s.androidRemotePrebuildScript().trim()).replace(... L633: # --- Mach Cloud Build Script (iOS) ---
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/index.jsView on unpkg · L623
1429patternName = private_key_rsa severity = critical line = 1429 matchedText = `):n||e....----
Critical
Secret Pattern

RSA private key in dist/index.js

dist/index.jsView on unpkg · L1429
17`)} L18: </urlset>`}import{randomUUID as zu}from"crypto";import he from"path";import zn from"axios";import Wu from"os";import{spinner as Sr,select as Rs,confirm as Ds,isCancel as Wn,cancel ... L19: # --- Mach Cloud Build Script (Android) ---
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L17
623`),Dt.info(Pt.dim("React Native Podfile fingerprint changed - clearing Pods for clean install...")),st.rmSync(g,{recursive:!0,force:!0})):$&&ac(y,w)&&(await s(`[CACHE] React Native... L624: `),Dt.info(Pt.dim("React Native Pods manifest is out of sync - clearing Pods for clean install...")),st.rmSync(g,{recursive:!0,force:!0}));let x="/opt/homebrew/bin/pod",E=st.exists... L625: `):"",f;if(r){let b=Eo.isAbsolute(r)?r:Eo.resolve(process.cwd(),r);Ao.existsSync(b)?(f=Ao.readFileSync(b,"utf-8"),Tn.info(bo.magenta(`\u2713 Loaded preBuild hook: ${r}`))):Tn.warn(... ... L631: {{ENV_VARS}} L632: `).replace("{{FRAMEWORK_ANDROID_VERSION_CODE}}",s.androidRemoteVersionCodeScript().trim()).replace("{{FRAMEWORK_ANDROID_PREBUILD}}",s.androidRemotePrebuildScript().trim()).replace(... L633: # --- Mach Cloud Build Script (iOS) ---
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.jsView on unpkg · L623
1#!/usr/bin/env node L2: import{a as Ht,b as nn,c as oo,d as Rt,e as _e,f as ke,g as so,h as ao,i as jt,j as lo,l as rn}from"./chunk-6LOQKG2J.js";import{a as m,b as no,c as Ce,d as io,e as ro,f as Bt,g as ... L3: `;s+=`Region: ${sn.cyan(o.region)} ... L6: CloudFront ID: ${sn.cyan(o.cloudFrontId)}`,s+=` L7: CloudFront URL: ${sn.blue(o.cloudFrontUrl)}`),Jl(s,"Setup Complete!"),Yl("You are all set!")}catch(r){i.stop("Setup failed"),on(`Error: ${r.response?.data?.message||r.message}`)}... L8: ${s.map(u=>` \u2022 ${u.path}`).join(` ... L17: `)} L18: </urlset>`}import{randomUUID as zu}from"crypto";import he from"path";import zn from"axios";import Wu from"os";import{spinner as Sr,select as Rs,confirm as Ds,isCancel as Wn,cancel ... L19: # --- Mach Cloud Build Script (Android) --- ... L32: export CI=true L33: export npm[redacted]=false L34: export npm[redacted]=true
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

dist/index.jsView on unpkg · L1
1533patternName = generic_password severity = medium line = 1533 matchedText = `).filte...in(`
Medium
Secret Pattern

Hardcoded password in dist/index.js

dist/index.jsView on unpkg · L1533
dist/chunk-6LOQKG2J.jsView file
37patternName = generic_password severity = medium line = 37 matchedText = Manual U...in(`
Medium
Secret Pattern

Hardcoded password in dist/chunk-6LOQKG2J.js

dist/chunk-6LOQKG2J.jsView on unpkg · L37

Findings

4 Critical2 High6 Medium5 Low
CriticalCritical Secretdist/index.js
CriticalSame File Env Network Executiondist/index.js
CriticalTrigger Reachable Dangerous Capabilitydist/index.js
CriticalSecret Patterndist/index.js
HighChild Processdist/index.js
HighCommand Output Exfiltrationdist/index.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/index.js
MediumStructural Risk Force Deep Review
MediumSecret Patterndist/index.js
MediumSecret Patterndist/chunk-6LOQKG2J.js
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings