registry  /  @specship/specship-linux-x64  /  0.11.8

@specship/specship-linux-x64@0.11.8

SpecShip self-contained bundle for linux-x64

AI Security Review

scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The risky primitives are a user-invoked Claude Code integration installer and bundled CLI/runtime, consistent with the package purpose rather than install-time compromise.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `bin/specship`/`specship install` or related CLI commands.
Impact
Can add SpecShip MCP server, auto-allow permissions, hooks, slash commands, agent file, optional status line, and local `.specship` index for Claude Code when requested.
Mechanism
User-invoked Claude MCP/commands/hooks installer and bundled Node runtime.
Rationale
Static inspection shows a self-contained SpecShip CLI bundle whose sensitive behavior is explicit Claude Code integration performed by user-invoked installer commands, with no lifecycle execution or exfiltration. Scanner hits map to expected CLI, MCP, installer, WASM/native runtime, and dynamic import patterns rather than concrete malware.
Evidence
package.jsonbin/specshiplib/package.jsonlib/dist/bin/specship.jslib/dist/installer/index.jslib/dist/installer/targets/claude.jslib/dist/installer/targets/shared.js./.mcp.json./.claude/settings.json./.claude/commands/specship/*.md./.claude/agents/specship-explorer.md./CLAUDE.md./.specship/~/.claude.json~/.claude/settings.json~/.claude/commands/specship/*.md~/.claude/agents/specship-explorer.md~/.claude/CLAUDE.md

Decision evidence

public snapshot
AI called this Clean at 87.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • lib/dist/installer/targets/claude.js writes Claude Code MCP config, settings hooks, slash commands, and agent files when `specship install` runs.
  • lib/dist/installer/index.js can run `npm install -g @specship/specship`, but only after an interactive prompt, skipped with `--yes`.
  • Package ships a large native `node` ELF used by bin/specship wrapper.
Evidence against
  • package.json has no lifecycle scripts, main, exports, or bin; install/import does not auto-run package code.
  • bin/specship explicitly runs bundled node with lib/dist/bin/specship.js only when user invokes CLI.
  • Dynamic eval in lib/dist/installer/index.js is an ESM import helper for @clack/prompts, not payload execution.
  • Claude config mutation is package-aligned, user-invoked installer behavior with local/global prompts and uninstall cleanup.
  • MCP permissions and hooks run `specship` commands, not arbitrary downloaded code or credential harvesting.
  • No source-grounded credential/env harvesting, exfiltration endpoint, persistence outside declared Claude integration, or destructive behavior found.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 341 file(s), 4.02 MB of source, external domains: 127.0.0.1, angular.dev, claude.ai, docs.claude.com, github.com, mcp.sentry.dev, www.w3.org
Oversized source lightweight scan
lib/dist/web/chunk-JTFXTIPE.js3.48 MB file, sampled 256 KB
ChildProcessEnvironmentVarsShellObfuscatedHighEntropyStringsMinified

Source & flagged code

9 flagged · loading source
lib/dist/health/smoke-check.jsView file
56const path = __importStar(require("path")); L57: const child_process_1 = require("child_process"); L58: const sqlite_adapter_1 = require("../db/sqlite-adapter");
High
Child Process

Package source references child process execution.

lib/dist/health/smoke-check.jsView on unpkg · L56
lib/dist/bin/specship.jsView file
225// eslint-disable-next-line @typescript-eslint/no-implied-eval L226: const importESM = new Function('specifier', 'return import(specifier)'); L227: // Block SpecShip on Node.js 25.x — V8's turboshaft WASM JIT has a Zone
High
Eval

Package source references dynamic code evaluation.

lib/dist/bin/specship.jsView on unpkg · L225
lib/dist/ui/shimmer-worker.jsView file
2Object.defineProperty(exports, "__esModule", { value: true }); L3: const worker_threads_1 = require("worker_threads"); L4: const fs_1 = require("fs");
Medium
Dynamic Require

Package source references dynamic require/import behavior.

lib/dist/ui/shimmer-worker.jsView on unpkg · L2
lib/dist/designer/cdp-ensure.jsView file
9const node_path_1 = __importDefault(require("node:path")); L10: const node_child_process_1 = require("node:child_process"); L11: const cross_platform_1 = require("./cross-platform"); L12: const cdp_env_1 = require("./cdp-env"); L13: const PORT = process.env.DESIGNER_CDP || '9222'; L14: const PROFILE = node_path_1.default.join(node_os_1.default.homedir(), '.chrome-designer-profile'); ... L17: try { L18: const res = await fetch(`http://127.0.0.1:${PORT}/json/version`, { signal: AbortSignal.timeout(1500) }); L19: return res.ok;
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

lib/dist/designer/cdp-ensure.jsView on unpkg · L9
lib/dist/installer/index.jsView file
123try { L124: (0, child_process_1.execSync)('npm install -g @specship/specship', { stdio: 'pipe', windowsHide: true }); L125: s.stop('Installed specship CLI on PATH');
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

lib/dist/installer/index.jsView on unpkg · L123
path = node kind = native_binary sizeBytes = 123438592 magicHex = [redacted]
Medium
Ships Native Binary

Package ships native binary artifacts.

nodeView on unpkg
lib/dist/extraction/wasm/tree-sitter-scala.wasmView file
path = lib/dist/extraction/wasm/tree-sitter-scala.wasm kind = wasm_module sizeBytes = 4958320 magicHex = [redacted]
Medium
Ships Wasm Module

Package ships WebAssembly modules.

lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkg
lib/dist/web/chunk-JTFXTIPE.jsView file
path = lib/dist/web/chunk-JTFXTIPE.js kind = oversized_source_file sizeBytes = 3651043 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

lib/dist/web/chunk-JTFXTIPE.jsView on unpkg
lib/dist/installer/targets/claude.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @specship/specship-linux-x64@0.11.7 matchedIdentity = npm:[redacted]:0.11.7 similarity = 0.992 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

lib/dist/installer/targets/claude.jsView on unpkg

Findings

1 Critical6 High7 Medium5 Low
CriticalPrevious Version Dangerous Deltalib/dist/installer/targets/claude.js
HighChild Processlib/dist/health/smoke-check.js
HighShell
HighEvallib/dist/bin/specship.js
HighSame File Env Network Executionlib/dist/designer/cdp-ensure.js
HighRuntime Package Installlib/dist/installer/index.js
HighOversized Source Filelib/dist/web/chunk-JTFXTIPE.js
MediumDynamic Requirelib/dist/ui/shimmer-worker.js
MediumNetwork
MediumEnvironment Vars
MediumProtestware
MediumShips Native Binarynode
MediumShips Wasm Modulelib/dist/extraction/wasm/tree-sitter-scala.wasm
MediumStructural Risk Force Deep Review
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings