registry  /  @testsprite/testsprite-cli  /  0.3.0

@testsprite/testsprite-cli@0.3.0

Official TestSprite command-line interface

AI Security Review

scanned 3h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. No malicious attack surface was confirmed. The main risk is explicit user-command installation of TestSprite-owned agent instructions into project agent config files.

Static reason
No blocking static signals were detected.
Trigger
User runs `testsprite setup` or `testsprite agent install`.
Impact
Warn-level agent extension lifecycle risk; no publish-blocking install-time or covert behavior found.
Mechanism
First-party CLI writes credentials and optional agent skill files.
Rationale
This package is not malicious by source inspection: it has no lifecycle hooks and its network, credential, and filesystem behavior are aligned with an official TestSprite CLI. Because explicit setup installs first-party AI-agent instructions into user projects, the safest firewall action is warn rather than block.
Evidence
package.jsondist/index.jsdist/commands/init.jsdist/commands/auth.jsdist/commands/agent.jsdist/lib/agent-targets.jsdist/lib/credentials.jsdist/lib/update-check.jsdist/lib/client-factory.js~/.testsprite/credentials~/.testsprite/update-check.jsonAGENTS.md.claude/skills/<skill>/SKILL.md.agents/skills/<skill>/SKILL.md.cursor/rules/<skill>.mdc.clinerules/<skill>.md.kiro/skills/<skill>/SKILL.md.windsurf/rules/<skill>.md.github/instructions/<skill>.instructions.md
Network endpoints2
api.testsprite.comregistry.npmjs.org/@testsprite%2Ftestsprite-cli/latest

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Benign with medium false-positive risk.
Evidence for warning
  • Explicit `testsprite setup`/`agent install` can write coding-agent instruction files including `AGENTS.md` and `.claude/skills/...` via `dist/commands/agent.js`.
  • `dist/commands/init.js` runs credential setup then installs default TestSprite agent skills unless `--no-agent` is used.
  • `dist/commands/auth.js` stores API keys in `~/.testsprite/credentials` after validating against the TestSprite API.
Evidence against
  • `package.json` has no npm lifecycle hooks; no install-time execution or unconsented mutation found.
  • Network use is package-aligned: default API host `https://api.testsprite.com` and update check `https://registry.npmjs.org/@testsprite%2Ftestsprite-cli/latest`.
  • Credential handling is user-invoked, validates key with `/me`, writes local credentials with restrictive permissions, and does not show exfiltration to unrelated hosts.
  • Agent file writes are explicit CLI commands, scoped to known TestSprite skill assets, sentinel-managed for `AGENTS.md`, and include symlink/path checks.
  • No `child_process`, eval/vm/Function, native binary loading, persistence, destructive behavior, or reviewer prompt injection found in inspected entrypoints.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 38 file(s), 737 KB of source, external domains: api.testsprite.com, example.com, nodejs.org, registry.npmjs.org, s3-presigned.example.com, staging.example.com, www.testsprite.com, your-app.com

Source & flagged code

3 flagged · loading source
dist/commands/agent.jsView file
Published source reference
Medium
Ai Review Evidence

Explicit `testsprite setup`/`agent install` can write coding-agent instruction files including `AGENTS.md` and `.claude/skills/...` via `dist/commands/agent.js`.

dist/commands/agent.jsView on unpkg
dist/commands/init.jsView file
Published source reference
Medium
Ai Review Evidence

`dist/commands/init.js` runs credential setup then installs default TestSprite agent skills unless `--no-agent` is used.

dist/commands/init.jsView on unpkg
dist/commands/auth.jsView file
Published source reference
Medium
Ai Review Evidence

`dist/commands/auth.js` stores API keys in `~/.testsprite/credentials` after validating against the TestSprite API.

dist/commands/auth.jsView on unpkg

Findings

5 Medium4 Low
MediumNetwork
MediumEnvironment Vars
MediumAi Review Evidencedist/commands/agent.js
MediumAi Review Evidencedist/commands/init.js
MediumAi Review Evidencedist/commands/auth.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings