registry  /  @somewhere-tech/cli  /  0.19.1

@somewhere-tech/cli@0.19.1

CLI for somewhere.tech — auth, projects, deploy, pull, promote, db, logs, env, MCP bridge.

AI Security Review

scanned 7d ago · by lpm-firewall-ai

No confirmed malicious attack surface was found. Risky primitives are user-invoked CLI features aligned with auth, deploy, MCP setup, npm/npx gating, and self-update behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User explicitly runs CLI commands such as login, init, dev, update, mcp install, swpx, or swpm.
Impact
No unconsented install-time execution, credential harvesting, persistence, destructive behavior, or hidden exfiltration identified.
Mechanism
Package-aligned CLI network calls and user-command delegation
Rationale
Static inspection shows a legitimate somewhere.tech CLI with expected network, filesystem, child_process, and MCP integration behavior gated by explicit user commands. Scanner findings are explained by package-aligned functionality rather than malicious install-time or hidden behavior.
Evidence
package.jsonbin/somewhere.jsbin/swpx.jsbin/swpm.jsdist/index.jsdist/swpx/spawn.jsdist/swpx/run-swpx.jsdist/swpx/run-swpm.jsdist/swpx/verdict-client.jsdist/commands/dev.jsdist/commands/update.jsdist/commands/mcp.js~/.somewhere/config.json.somewhere.json.mcp.json~/.claude.json~/.cursor/mcp.json
Network endpoints5
api.somewhere.tech/v1runner.somewhere.techmcp.somewhere.tech/mcpnpm.somewhere.techregistry.npmjs.org

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no consumer install hooks; prepublishOnly is publish-time build only.
    • bin/somewhere.js, bin/swpx.js, and bin/swpm.js only import CLI entrypoints.
    • dist/swpx/spawn.js delegates to real npm/npx after verdict checks; no POSIX shell and Windows shell is for .cmd shims.
    • dist/commands/update.js runs fixed npm view/install commands for @somewhere-tech/cli only when user invokes update.
    • dist/commands/dev.js uploads project files to preview endpoints and shell-runs only user-supplied `somewhere dev <cmd>`.
    • dist/lib/config.js and dist/commands/mcp.js write MCP configs only for explicit login/init/mcp install flows, using stdio bridge without embedded token.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 66 file(s), 479 KB of source, external domains: api.somewhere.tech, fonts.googleapis.com, mcp.somewhere.tech, npm.somewhere.tech, registry.npmjs.org, runner.somewhere.tech, somewhere.tech

    Source & flagged code

    5 flagged · loading source
    dist/swpx/spawn.jsView file
    6* verdict; a missing npm is the user's environment, not a swpx error. */ L7: import { spawn } from 'node:child_process'; L8: import { dim } from '../lib/output.js';
    High
    Child Process

    Package source references child process execution.

    dist/swpx/spawn.jsView on unpkg · L6
    dist/commands/dev.jsView file
    357const child = spawn(command, { L358: shell: true, L359: stdio: 'inherit',
    High
    Shell

    Package source references shell execution.

    dist/commands/dev.jsView on unpkg · L357
    dist/local/runtime.jsView file
    36const root = packageRoot(); L37: await import(pathToFileURL(join(root, 'runtime', 'sw-init.mjs')).href); L38: contextModule = (await import(pathToFileURL(join(root, 'runtime', 'platform-context.mjs')).href));
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/local/runtime.jsView on unpkg · L36
    dist/commands/update.jsView file
    52// in which case npm's EACCES message is surfaced and we point at the manual fix. L53: execSync(`npm install -g ${PACKAGE}@latest`, { stdio: 'inherit' }); L54: }
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    dist/commands/update.jsView on unpkg · L52
    dist/lib/typecheck.jsView file
    matchType = previous_version_dangerous_delta matchedPackage = @somewhere-tech/cli@0.19.0 matchedIdentity = npm:QHNvbWV3aGVyZS10ZWNoL2NsaQ:0.19.0 similarity = 0.952 summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/lib/typecheck.jsView on unpkg

    Findings

    1 Critical3 High4 Medium5 Low
    CriticalPrevious Version Dangerous Deltadist/lib/typecheck.js
    HighChild Processdist/swpx/spawn.js
    HighShelldist/commands/dev.js
    HighRuntime Package Installdist/commands/update.js
    MediumDynamic Requiredist/local/runtime.js
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings