registry  /  @utoo/pack  /  1.4.25

@utoo/pack@1.4.25

> 🌖 High-performance bundler core for the Utoo toolchain, powered by [Turbopack](https://turbo.build/pack).

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Conditional dev-server HTTPS setup downloads and executes a `mkcert` release binary. No unconsented install-time execution or credential exfiltration was established.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Caller invokes `serve` with `https: true` or enables `config.devServer.https`.
Impact
A compromised or substituted release artifact could execute locally and install a local development CA.
Mechanism
Fetches, caches, chmods, and executes an unverified remote mkcert binary.
Rationale
Source does not show concrete malicious behavior, but executing an unverified downloaded binary is a meaningful unresolved supply-chain risk. Downgrade to warn rather than block because it is user-invoked HTTPS setup with no install hook, exfiltration, stealth, or AI-agent mutation.
Evidence
package.jsonesm/index.jsesm/utils/mkcert.jsesm/commands/dev.jsesm/commands/build.jsesm/config/readWebpackConfig.jscertificates/localhost-key.pemcertificates/localhost.pem
Network endpoints1
github.com/FiloSottile/mkcert/releases/download/v1.4.4/

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `esm/utils/mkcert.js` fetches a platform binary from GitHub, chmods it, then executes it.
  • The downloaded binary has no checksum or signature verification before execution.
  • `esm/commands/build.js` starts `npx webpack-bundle-analyzer` with `shell: true` when `ANALYZE` is set.
Evidence against
  • `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
  • `esm/index.js` exports build/serve APIs and does not invoke them at import time.
  • The binary download is reached only when HTTPS dev-server mode is enabled.
  • No AI-agent control-surface paths, credential-harvesting paths, eval/vm use, or destructive filesystem calls were found.
  • Dynamic require in `config/readWebpackConfig.js` loads the caller's explicit webpack config.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 54 file(s), 230 KB of source, external domains: github.com

Source & flagged code

5 flagged · loading source
esm/utils/mkcert.jsView file
1import { execSync } from "node:child_process"; L2: import { createPrivateKey, X509Certificate } from "node:crypto";
High
Child Process

Package source references child process execution.

esm/utils/mkcert.jsView on unpkg · L1
esm/commands/build.jsView file
114stdio: "inherit", L115: shell: true, L116: });
High
Shell

Package source references shell execution.

esm/commands/build.jsView on unpkg · L114
112return new Promise((resolve, reject) => { L113: const analyzer = spawn("npx", ["webpack-bundle-analyzer", statsPath], { L114: stdio: "inherit",
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

esm/commands/build.jsView on unpkg · L112
esm/config/readWebpackConfig.jsView file
12.find(fs.existsSync); L13: const config = require(configFile || configPath); L14: if (typeof config === "function") {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

esm/config/readWebpackConfig.jsView on unpkg · L12
cjs/commands/dev.jsView file
•matchType = previous_version_dangerous_delta matchedPackage = @utoo/pack@1.4.22 matchedIdentity = npm:QHV0b28vcGFjaw:1.4.22 similarity = 0.923 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

cjs/commands/dev.jsView on unpkg

Findings

1 Critical3 High4 Medium4 Low
CriticalPrevious Version Dangerous Deltacjs/commands/dev.js
HighChild Processesm/utils/mkcert.js
HighShellesm/commands/build.js
HighRuntime Package Installesm/commands/build.js
MediumDynamic Requireesm/config/readWebpackConfig.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowUrl Strings