registry  /  @streetjs/cli  /  1.2.1

@streetjs/cli@1.2.1

Street Framework CLI — scaffold, generate, migrate, and run TypeScript backend projects.

AI Security Review

scanned 11h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Network, package installation, file writes, and child-process execution occur only through explicit CLI commands for scaffolding, building, testing, auditing, or plugin/registry operations.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs street create, plugin:install, registry, build, test, start, or audit.
Impact
Writes within the selected project directory and may contact a configured plugin/registry service or npm when explicitly invoked.
Mechanism
User-invoked project scaffolding and CLI tooling.
Rationale
The scanner's credential-exfiltration signal is unsupported: create.js embeds generated application templates containing credential documentation, not code that sends the host environment. Potentially risky capabilities are explicit, package-aligned CLI operations with no install-time execution or covert persistence.
Evidence
package.jsonbin/street.jsdist/index.jsdist/env.jsdist/commands/create.jsdist/commands/plugin.jsdist/commands/registry.jsdist/commands/start.jsdist/commands/test.jsdist/commands/audit.js
Network endpoints2
plugins.streetjs.devlocalhost:8787

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has only prepublishOnly; no install lifecycle hook.
    • bin/street.js only delegates to runCli after user invokes street.
    • dist/index.js dispatches named CLI commands; import reads local package.json and loads project .env.
    • dist/commands/create.js writes a requested scaffold and runs npm only for create, lockfile generation, or --install.
    • dist/commands/plugin.js and dist/commands/registry.js network actions require explicit plugin/registry commands.
    • No eval/vm/native loader or AI-agent configuration path was found.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 26 file(s), 441 KB of source, external domains: admin.example.com, app.example.com, esm.sh, github.com, hassanmubiru.github.io, htmx.org, nodejs.org, plugins.streetjs.dev, unpkg.com, www.npmjs.com

    Source & flagged code

    6 flagged · loading source
    dist/commands/start.jsView file
    2// `street start` — runs the compiled production server. L3: import { spawn } from 'node:child_process'; L4: import { existsSync } from 'node:fs';
    High
    Child Process

    Package source references child process execution.

    dist/commands/start.jsView on unpkg · L2
    dist/commands/test.jsView file
    76stdio: 'inherit', L77: shell: true, L78: });
    High
    Shell

    Package source references shell execution.

    dist/commands/test.jsView on unpkg · L76
    73return new Promise((resolvePromise, reject) => { L74: const tsc = spawn('npx', ['tsc', '--project', 'tsconfig.json'], { L75: cwd: projectDir,
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    dist/commands/test.jsView on unpkg · L73
    dist/commands/create.jsView file
    398constructor( L399: private readonly orgs: OrgRepository, L400: private readonly members: MembershipWriteRepository, ... L672: L673: const token = randomBytes(32).toString('base64url'); // unique invite token L674: const expiresAt = new Date(Date.now() + INVITE_TTL_MS); ... L816: /** Environment label embedded in the prefix (e.g. "live", "test"). */ L817: private readonly environment: string = process.env['NODE_ENV'] === 'production' ? 'live' : 'test', L818: ) {} ... L1443: type: string; L1444: data: { object: Record<string, unknown> }; L1445: }
    Critical
    Credential Exfiltration

    Source appears to send environment or credential material to an external endpoint.

    dist/commands/create.jsView on unpkg · L398
    398Trigger-reachable chain: manifest.main -> dist/index.js -> dist/commands/create.js L398: constructor( L399: private readonly orgs: OrgRepository, L400: private readonly members: MembershipWriteRepository, ... L672: L673: const token = randomBytes(32).toString('base64url'); // unique invite token L674: const expiresAt = new Date(Date.now() + INVITE_TTL_MS); ... L816: /** Environment label embedded in the prefix (e.g. "live", "test"). */ L817: private readonly environment: string = process.env['NODE_ENV'] === 'production' ? 'live' : 'test', L818: ) {} ... L1443: type: string; L1444: data: { object: Record<string, unknown> }; L1445: }
    Critical
    Trigger Reachable Dangerous Capability

    A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

    dist/commands/create.jsView on unpkg · L398
    dist/commands/generate.jsView file
    94package = @streetjs/cli; repositoryIdentity = streetjs; dependency = streetjs L94: const output = String(ctx.args.flags['output'] ?? './sdk'); L95: const core = await import('streetjs'); L96: let specRaw;
    High
    Copied Package Dependency Bridge

    Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.

    dist/commands/generate.jsView on unpkg · L94

    Findings

    2 Critical4 High4 Medium5 Low
    CriticalCredential Exfiltrationdist/commands/create.js
    CriticalTrigger Reachable Dangerous Capabilitydist/commands/create.js
    HighChild Processdist/commands/start.js
    HighShelldist/commands/test.js
    HighCopied Package Dependency Bridgedist/commands/generate.js
    HighRuntime Package Installdist/commands/test.js
    MediumDynamic Require
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings