registry  /  @reventlessdev/reventless-host-shell  /  3.0.0-alpha.36

@reventlessdev/reventless-host-shell@3.0.0-alpha.36

Reventless host shell SPA — loads plugin UI fragments at runtime via Module Federation

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The package is a host-shell SPA/CLI that serves built assets, authenticates to configured local/platform GraphQL endpoints, and dynamically loads platform-provided plugin UI remotes as part of its advertised functionality.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User explicitly runs the reventless-host-shell bin or opens the served SPA.
Impact
No unconsented install-time execution or exfiltration identified by static inspection.
Mechanism
User-invoked Vite preview plus platform-aligned GraphQL/auth/module-federation runtime behavior.
Rationale
Static inspection shows scanner hits are package-aligned SPA/auth/module-federation behavior rather than credential phishing or malware. There is no install-time mutation, secret harvesting, persistence, destructive action, or off-package exfiltration endpoint.
Evidence
package.jsonbin/start.mjsvite.config.mjsdist/config.jsondist/index.htmldist/assets/index-C_UQtxWU.jsdist/assets/virtual_mf-REMOTE_ENTRY_ID___mfe_internal__reventless_host_shell__remoteEntry-_hash_-24rXeWYj.jsdist/
Network endpoints6
/graphql/platform-graphql/__inmemory/login/config.jsonlocalhost:4000localhost:4001

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • bin/start.mjs uses child_process.spawn, but only to run Vite preview for packaged dist when user invokes the CLI.
  • dist/assets/index-C_UQtxWU.js loads module-federation remoteEntryUrl values returned by Platform_UIFragments GraphQL data.
Evidence against
  • package.json has no preinstall/install/postinstall hook; only prepublishOnly build script is present.
  • bin/start.mjs does not fetch remote code, mutate files, or run shell commands beyond vite preview.
  • dist/config.json points API traffic to same-origin /graphql and /platform-graphql.
  • vite.config.mjs proxies those paths to localhost:4000 and localhost:4001 for local platform use.
  • Auth/password/token strings in dist/assets/index-C_UQtxWU.js are app login flows using /__inmemory/login, Cognito SDK, Authorization headers, and localStorage, not credential exfiltration.
  • No filesystem harvesting, destructive behavior, persistence, or AI-agent control-surface writes found.
Behavioral surface
Source
ChildProcessDynamicRequireEvalNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedProtestwareUrlStrings
Manifest
NoLicense
scanned 17 file(s), 796 KB of source, external domains: cognito-idp-fips.us-east-1.amazonaws.com, cognito-idp-fips.us-east-2.amazonaws.com, cognito-idp-fips.us-west-1.amazonaws.com, cognito-idp-fips.us-west-2.amazonaws.com, cognito-idp.amazonaws.com, github.com, reactjs.org, underscorejs.org, www.w3.org

Source & flagged code

2 flagged · loading source
bin/start.mjsView file
17const pkgDir = resolve(dirname(fileURLToPath(import.meta.url)), '..') L18: const require = createRequire(import.meta.url) L19: const vitePkg = require.resolve('vite/package.json', { paths: [pkgDir] })
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/start.mjsView on unpkg · L17
dist/assets/index-C_UQtxWU.jsView file
1const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/index-Cw2BXy8B.js"])))=>i.map(i=>d[i]); L2: import"./virtualExposes-DN39MDG_.js";import{d as R_}from"./virtual_mf-REMOTE_ENTRY_ID___mfe_internal__reventless_host_shell__remoteEntry-_hash_-24rXeWYj.js";import{_ as bR}from"./_... L3: `));return n(i)},Qw={step:"serialize",tags:["HTTP_AUTH_SCHEME"],name:"httpAuthSchemeMiddleware",override:!0,relation:"before",toMiddleware:"endpointV2Middleware"},Yw=(e,{httpAuthSc... ... L16: ${qn(s)}`}getCanonicalPath({path:t}){if(this.uriEscapePath){const n=[];for(const a of t.split("/"))a?.length!==0&&a!=="."&&(a===".."?n.pop():n.push(a));const r=`${t?.startsWith("/"... L17: `);return this.signString(m,{signingDate:r,signingRegion:l,signingService:s,eventStreamCredentials:o})}async signMessage(t,{signingDate:n=new Date,signingRegion:r,signingService:i,... L18: In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}var l,u=!0,c=!1;return{s:function(){a=a.call(r)},n:function(){var f=a.next();return u=f.done,f}... ... L26: */function ZL(e,t){var n=Kl.length?Kl.pop():[],r=Wl.length?Wl.pop():[],i=Ac(e,t,n,r);return n.length=0,r.length=0,Kl.push(n),Wl.push(r)
Critical
Browser Credential Phishing

Source appears to collect browser login credentials for exfiltration.

dist/assets/index-C_UQtxWU.jsView on unpkg · L1

Findings

1 Critical4 Medium6 Low
CriticalBrowser Credential Phishingdist/assets/index-C_UQtxWU.js
MediumDynamic Requirebin/start.mjs
MediumNetwork
MediumProtestware
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEval
LowHigh Entropy Strings
LowUrl Strings
LowNo License