registry  /  @solidrt/cli  /  0.0.25

@solidrt/cli@0.0.25

AI Security Review

scanned 2h ago · by lpm-firewall-ai

The explicit dev-server command exposes project file read/write and arbitrary HTTP proxy routes. No install-time or covert execution was found.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs srt run or srt server.
Impact
A reachable untrusted client could modify project files or use the host as a network proxy.
Mechanism
Unauthenticated development server with project-file PUT and arbitrary upstream proxying.
Rationale
No malicious lifecycle, stealth, credential theft, or foreign AI-agent mutation is present. The exposed unauthenticated file-write/proxy capability is concrete enough to warn despite being package-aligned and user-invoked.
Evidence
package.jsonbin/srtsrc/main.tssrc/dev-server.tssrc/commands/server.tssrc/commands/mcp.tssrc/cache.ts
Network endpoints2
127.0.0.1:34884/__control__/__proxy__

Decision evidence

public snapshot
AI called this Suspicious at 83.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • src/dev-server.ts starts an unauthenticated Bun HTTP/WebSocket server without a hostname restriction.
  • src/dev-server.ts accepts PUT and writes resolved paths beneath the active project source directory.
  • src/dev-server.ts proxies arbitrary x-srt-proxy-url targets with forwarded request headers.
  • src/main.ts activates this only through explicit srt run/server commands.
Evidence against
  • package.json has no preinstall, install, or postinstall lifecycle hooks.
  • bin/srt only imports src/main.ts; import dispatches explicit CLI commands.
  • No credential harvesting, foreign agent-config mutation, eval/vm, or hidden endpoint was found.
  • src/commands/mcp.ts communicates only with the local 127.0.0.1 control endpoint.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
WildcardDependency
scanned 24 file(s), 98.7 KB of source, external domains: 127.0.0.1, solidjs.com, www.w3.org

Source & flagged code

1 flagged · loading source
src/dev-server.tsView file
matchType = previous_version_dangerous_delta matchedPackage = @solidrt/cli@0.0.22 matchedIdentity = npm:QHNvbGlkcnQvY2xp:0.0.22 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/dev-server.tsView on unpkg

Findings

1 High3 Medium3 Low
HighPrevious Version Dangerous Deltasrc/dev-server.ts
MediumNetwork
MediumEnvironment Vars
MediumWildcard Dependency
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings