registry  /  @shipeasy/sdk  /  7.3.0

@shipeasy/sdk@7.3.0

Shipeasy SDK — feature gates, runtime configs, experiments, and metrics for the Shipeasy hosted service.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.
Trigger
User explicitly runs `shipeasy-skill install`.
Impact
Potential AI-agent behavior guidance is added only on explicit command; runtime SDK sends configured feature/telemetry/devtools requests to Shipeasy endpoints.
Mechanism
First-party agent skill file installation plus package-aligned SDK network requests.
Rationale
Source inspection found no malicious install-time behavior, exfiltration, remote payload execution, persistence, or destructive actions. Because the package includes an explicit user-command agent skill installer targeting `.claude/skills`, apply a warn-level lifecycle/capability risk rather than a publish block.
Evidence
package.jsondist/skill-cli.jsdocs/skill/SKILL.mddist/server/index.jsdist/client/index.jsdist/devtools/index.js.claude/skills/shipeasy-typescript/SKILL.md
Network endpoints5
cdn.shipeasy.aiapi.shipeasy.aiapi.shipeasy.ai/collectt.shipeasy.aishipeasy.ai

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • dist/skill-cli.js exposes explicit `shipeasy-skill install` writing to `.claude/skills/shipeasy-typescript/SKILL.md` by default.
  • docs/skill/SKILL.md is an agent skill with SDK usage guidance and external docs URLs.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks.
  • Main/browser entrypoints are SDK code for feature flags, configs, experiments, telemetry, i18n, and devtools.
  • Network calls target package-aligned Shipeasy hosts and are gated by user configuration/runtime calls.
  • No child_process, eval/vm, native binary loading, destructive filesystem actions, credential harvesting, or broad import-time execution found.
  • dist/skill-cli.js refuses overwrite unless `--force` and only runs when the bin is explicitly invoked.
Behavioral surface
Source
ChildProcessFilesystemNetwork
Supply chain
HighEntropyStringsTelemetryUrlStrings
Manifest
NoLicense
scanned 15 file(s), 733 KB of source, external domains: api.shipeasy.ai, cdn.shipeasy.ai, shipeasy.ai, t.shipeasy.ai

Source & flagged code

2 flagged · loading source
dist/skill-cli.jsView file
Published source reference
Medium
Ai Review Evidence

dist/skill-cli.js exposes explicit `shipeasy-skill install` writing to `.claude/skills/shipeasy-typescript/SKILL.md` by default.

dist/skill-cli.jsView on unpkg
docs/skill/SKILL.mdView file
Published source reference
Medium
Ai Review Evidence

docs/skill/SKILL.md is an agent skill with SDK usage guidance and external docs URLs.

docs/skill/SKILL.mdView on unpkg

Findings

3 Medium6 Low
MediumNetwork
MediumAi Review Evidencedist/skill-cli.js
MediumAi Review Evidencedocs/skill/SKILL.md
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License