registry  /  @utoo/pack  /  1.4.21

@utoo/pack@1.4.21

> 🌖 High-performance bundler core for the Utoo toolchain, powered by [Turbopack](https://turbo.build/pack).

AI Security Review

scanned 7d ago · by lpm-firewall-ai

No confirmed malicious behavior was found. The main unresolved risk is a user-invoked HTTPS dev-server helper that downloads and executes mkcert to install a local CA and generate localhost certificates.

Static reason
One or more suspicious static signals were detected.
Trigger
Calling serve/dev with HTTPS enabled and no supplied selfSignedCertificate
Impact
Installs a local mkcert CA, writes localhost certificate files, and may edit project .gitignore; no exfiltration or stealth behavior observed.
Mechanism
runtime download and execution of mkcert for local HTTPS certificates
Rationale
Source inspection supports a warn-level supply-chain risk from runtime remote binary execution for mkcert, but not malicious intent or install-time compromise. The behavior is user-invoked and package-aligned, with no evidence of harvesting, exfiltration, persistence, or foreign AI-agent control-surface mutation.
Evidence
package.jsonesm/index.jsesm/commands/dev.jsesm/commands/build.jsesm/utils/mkcert.jsesm/config/readWebpackConfig.jsesm/binding.jscertificates/localhost-key.pemcertificates/localhost.pem.gitignore
Network endpoints1
github.com/FiloSottile/mkcert/releases/download/v1.4.4/{binaryName}

Decision evidence

public snapshot
AI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • esm/utils/mkcert.js downloads mkcert v1.4.4 from GitHub at runtime without checksum verification.
  • esm/utils/mkcert.js chmods and executes the downloaded mkcert binary with -install when HTTPS dev certs are requested.
  • esm/utils/mkcert.js writes localhost cert/key files and may append certDir to .gitignore.
Evidence against
  • package.json has no preinstall/install/postinstall hooks; only prepublishOnly build tooling.
  • Main/module entrypoints export build/serve APIs; risky paths require user-invoked dev/build actions.
  • esm/commands/build.js only spawns npx webpack-bundle-analyzer when ANALYZE is set and stats.json exists.
  • esm/config/readWebpackConfig.js requires the user's local webpack config as expected bundler behavior.
  • No credential harvesting, exfiltration, AI-agent config mutation, persistence, or destructive package-install behavior found.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShellWebSocket
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 54 file(s), 229 KB of source, external domains: github.com

Source & flagged code

4 flagged · loading source
esm/utils/mkcert.jsView file
1import { execSync } from "node:child_process"; L2: import { createPrivateKey, X509Certificate } from "node:crypto";
High
Child Process

Package source references child process execution.

esm/utils/mkcert.jsView on unpkg · L1
esm/commands/build.jsView file
114stdio: "inherit", L115: shell: true, L116: });
High
Shell

Package source references shell execution.

esm/commands/build.jsView on unpkg · L114
112return new Promise((resolve, reject) => { L113: const analyzer = spawn("npx", ["webpack-bundle-analyzer", statsPath], { L114: stdio: "inherit",
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

esm/commands/build.jsView on unpkg · L112
esm/config/readWebpackConfig.jsView file
12.find(fs.existsSync); L13: const config = require(configFile || configPath); L14: if (typeof config === "function") {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

esm/config/readWebpackConfig.jsView on unpkg · L12

Findings

3 High4 Medium4 Low
HighChild Processesm/utils/mkcert.js
HighShellesm/commands/build.js
HighRuntime Package Installesm/commands/build.js
MediumDynamic Requireesm/config/readWebpackConfig.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowUrl Strings