registry  /  @stacksjs/buddy  /  0.70.53

@stacksjs/buddy@0.70.53

Meet Buddy. The Stacks runtime.

AI Security Review

scanned 20h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Risky primitives are tied to explicit Buddy CLI commands for project setup, cloud, mail, phone, SMS, HTTP, or plugin loading rather than install-time execution or covert exfiltration.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User invokes buddy/stacks/stx/bud CLI commands
Impact
User-requested project/cloud/file changes only; no covert credential harvesting confirmed
Mechanism
package-aligned project automation CLI
Rationale
Static source inspection shows a broad framework CLI with dangerous capabilities behind explicit commands, but no install-time hook, covert endpoint, or data-flow proving credential exfiltration. Scanner findings appear to conflate legitimate cloud/SMS/mail/setup command behavior with malware.
Evidence
package.jsondist/cli.jsdist/index.jsdist/src/index.d.tsdist/src/cli.d.tsREADME.md.env.env.exampledeps.yamlbuddy.config.ts.buddy.config.tsbuddy.config.js.buddy.config.js

Decision evidence

public snapshot
AI called this Clean at 84.0% confidence as Benign with medium false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall hook; only prepublishOnly build.
    • dist/cli.js runs only as declared bin and dispatches user CLI commands.
    • dist/index.js exports command modules; no confirmed import-time exfiltration path found.
    • Network/cloud actions are user-invoked Buddy features using @stacksjs/ts-cloud/AWS-style clients.
    • Env/file access is package-aligned CLI behavior: reads .env/config and writes project setup files.
    • Telemetry implementation is disabled stub and reports opt-in/disabled status.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 2 file(s), 1.56 MB of source, external domains: 0.0.0.0, 127.0.0.1, 169.254.169.254, api.hetzner.cloud, api.porkbun.com, cloudfront.amazonaws.com, console.aws.amazon.com, fonts.googleapis.com, github.com, pantry.dev, s3.amazonaws.com, stacksjs.com, tailwindcss.com, us-east-1.console.aws.amazon.com, wixtoolset.org, www.apple.com, www.w3.org

    Source & flagged code

    7 flagged · loading source
    dist/index.jsView file
    1// @bun L2: var Yh=Object.create;var{getPrototypeOf:Fh,defineProperty:KB,getOwnPropertyNames:Lh}=Object;var zh=Object.prototype.hasOwnProperty;function qh(K){return this[K]}var Oh,Mh,_h=(K,G,V... L3: echo "Hello World from App Server 2!" > /tmp/test.txt L4: chown ubuntu:ubuntu /tmp/test.txt L5: `},web:{name:"web-server",domain:"ow3.org",region:"us-east-1",type:"web",size:"t3.micro",diskSize:20,serverOS:"ubuntu-20-lts-x86_64",bunVersion:"1.1.26"},cache:{name:"cache-server"... L6: <DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> ... L95: <IsIPV6Enabled>${T.IsIPV6Enabled!==!1}</IsIPV6Enabled> L96: </DistributionConfig>`;await q.request({service:"cloudfront",region:"us-east-1",method:"PUT",path:`/2020-05-31/distribution/${v}/config`,headers:{"Content-Type":"application/xml","... L97: `)} L98: `),m6.success("Generated deps.yaml from config/deps.ts")}async function RV(K){m6.info("Ensuring .env exists...");let G=K.cwd||jV.projectPath(),V=`${G}/.env`,X=`${G}/.env.example`;i... L99: `),U=["default","stacks"],H="",W={},B={};for(let F of X){let L=F.trim(),z=L.match(/^\[(.+)\]$/);if(z){H=z[1],B[H]={};continue}let q=L.match(/^(\w+)\s*=\s*(.+)$/);if(q&&H){let[,O,Z
    Critical
    Credential Exfiltration

    Source appears to send environment or credential material to an external endpoint.

    dist/index.jsView on unpkg · L1
    1Trigger-reachable chain: manifest.module -> dist/index.js L1: // @bun L2: var Yh=Object.create;var{getPrototypeOf:Fh,defineProperty:KB,getOwnPropertyNames:Lh}=Object;var zh=Object.prototype.hasOwnProperty;function qh(K){return this[K]}var Oh,Mh,_h=(K,G,V... L3: echo "Hello World from App Server 2!" > /tmp/test.txt L4: chown ubuntu:ubuntu /tmp/test.txt L5: `},web:{name:"web-server",domain:"ow3.org",region:"us-east-1",type:"web",size:"t3.micro",diskSize:20,serverOS:"ubuntu-20-lts-x86_64",bunVersion:"1.1.26"},cache:{name:"cache-server"... L6: <DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> ... L95: <IsIPV6Enabled>${T.IsIPV6Enabled!==!1}</IsIPV6Enabled> L96: </DistributionConfig>`;await q.request({service:"cloudfront",region:"us-east-1",method:"PUT",path:`/2020-05-31/distribution/${v}/config`,headers:{"Content-Type":"application/xml","... L97: `)} L98: `),m6.success("Generated deps.yaml from config/deps.ts")}async function RV(K){m6.info("Ensuring .env exists...");let G=K.cwd||jV.projectPath(),V=`${G}/.env`,X=`${G}/.env.example`;i... L99: `),U=["default","stacks"],H="",W={},B={};for(let F of X){let L=F.trim(),z=L.match(/^\[(.+)\]$/);if(z){H=z[1],B[H]={};con…
    Critical
    Trigger Reachable Dangerous Capability

    A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

    dist/index.jsView on unpkg · L1
    97`)} L98: `),m6.success("Generated deps.yaml from config/deps.ts")}async function RV(K){m6.info("Ensuring .env exists...");let G=K.cwd||jV.projectPath(),V=`${G}/.env`,X=`${G}/.env.example`;i... L99: `),U=["default","stacks"],H="",W={},B={};for(let F of X){let L=F.trim(),z=L.match(/^\[(.+)\]$/);if(z){H=z[1],B[H]={};continue}let q=L.match(/^(\w+)\s*=\s*(.+)$/);if(q&&H){let[,O,Z]...
    High
    Child Process

    Package source references child process execution.

    dist/index.jsView on unpkg · L97
    186# 5) Restart only when the startup-read env actually changed (domain or DKIM key). L187: if [ "$ENV_CHANGED" = 1 ]; then systemctl restart mail 2>/dev/null || true; echo "MAILTENANT:env-changed+restarted,forwards=$FWD_STATE"; else echo "MAILTENANT:current,forwards=$FWD... L188: `),H,W,B,Y;for(let F of U){let L=F.trim();if(L.startsWith("#")||!L.includes("="))continue;let[z,...q]=L.split("="),O=q.join("=").trim();if(z==="AWS_ACCESS_KEY_ID"&&O)H=O;else if(z=... ... L191: Source: L192: `+R);let[,k]=w;return k.replace(/\s/g,"").split(cW).map((b)=>b.replace(lW,"").trim())}function dG(A,R){var w={};return Object.keys(A).forEach((k)=>{var b=A[k],g,d=O(b),p=!d&&b.leng... L193: GFS4: `),console.error(K)};if(!y6[R7]){if(hB=global[R7]||[],zZ(y6,hB),y6.close=function(K){function G(V,X){return K.call(y6,V,function(U){if(!U)LZ();if(typeof X==="function")X.appl...
    High
    Same File Env Network Execution

    A single source file combines environment access, network access, and code or shell execution; review context before blocking.

    dist/index.jsView on unpkg · L186
    95<IsIPV6Enabled>${T.IsIPV6Enabled!==!1}</IsIPV6Enabled> L96: </DistributionConfig>`;await q.request({service:"cloudfront",region:"us-east-1",method:"PUT",path:`/2020-05-31/distribution/${v}/config`,headers:{"Content-Type":"application/xml","... L97: `)} L98: `),m6.success("Generated deps.yaml from config/deps.ts")}async function RV(K){m6.info("Ensuring .env exists...");let G=K.cwd||jV.projectPath(),V=`${G}/.env`,X=`${G}/.env.example`;i... L99: `),U=["default","stacks"],H="",W={},B={};for(let F of X){let L=F.trim(),z=L.match(/^\[(.+)\]$/);if(z){H=z[1],B[H]={};continue}let q=L.match(/^(\w+)\s*=\s*(.+)$/);if(q&&H){let[,O,Z]...
    High
    Command Output Exfiltration

    Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

    dist/index.jsView on unpkg · L95
    4chown ubuntu:ubuntu /tmp/test.txt L5: `},web:{name:"web-server",domain:"ow3.org",region:"us-east-1",type:"web",size:"t3.micro",diskSize:20,serverOS:"ubuntu-20-lts-x86_64",bunVersion:"1.1.26"},cache:{name:"cache-server"... L6: <DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/">
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/index.jsView on unpkg · L4
    1// @bun L2: var Yh=Object.create;var{getPrototypeOf:Fh,defineProperty:KB,getOwnPropertyNames:Lh}=Object;var zh=Object.prototype.hasOwnProperty;function qh(K){return this[K]}var Oh,Mh,_h=(K,G,V... L3: echo "Hello World from App Server 2!" > /tmp/test.txt L4: chown ubuntu:ubuntu /tmp/test.txt L5: `},web:{name:"web-server",domain:"ow3.org",region:"us-east-1",type:"web",size:"t3.micro",diskSize:20,serverOS:"ubuntu-20-lts-x86_64",bunVersion:"1.1.26"},cache:{name:"cache-server"... L6: <DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> ... L95: <IsIPV6Enabled>${T.IsIPV6Enabled!==!1}</IsIPV6Enabled> L96: </DistributionConfig>`;await q.request({service:"cloudfront",region:"us-east-1",method:"PUT",path:`/2020-05-31/distribution/${v}/config`,headers:{"Content-Type":"application/xml","... L97: `)} L98: `),m6.success("Generated deps.yaml from config/deps.ts")}async function RV(K){m6.info("Ensuring .env exists...");let G=K.cwd||jV.projectPath(),V=`${G}/.env`,X=`${G}/.env.example`;i... L99: `),U=["default","stacks"],H="",W={},B={};for(let F of X){let L=F.trim(),z=L.match(/^\[(.+)\]$/);if(z){H=z[1],B[H]={};continue}let q=L.match(/^(\w+)\s*=\s*(.+)$/);if(q&&H){let[,O,Z
    Medium
    Install Persistence

    Source writes installer persistence such as shell profile or service configuration.

    dist/index.jsView on unpkg · L1

    Findings

    2 Critical3 High6 Medium6 Low
    CriticalCredential Exfiltrationdist/index.js
    CriticalTrigger Reachable Dangerous Capabilitydist/index.js
    HighChild Processdist/index.js
    HighSame File Env Network Executiondist/index.js
    HighCommand Output Exfiltrationdist/index.js
    MediumDynamic Requiredist/index.js
    MediumNetwork
    MediumEnvironment Vars
    MediumInstall Persistencedist/index.js
    MediumProtestware
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowFilesystem
    LowObfuscated
    LowHigh Entropy Strings
    LowUrl Strings