registry  /  @vue-skuilder/cli  /  0.2.15

@vue-skuilder/cli@0.2.15

CLI scaffolding tool for vue-skuilder projects

AI Security Review

scanned 8h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs skuilder studio
Impact
Warn: creates an MCP server config in the current project with local CouchDB credentials and course-editing capabilities; no external exfiltration or unconsented install-time mutation found.
Mechanism
explicit user-command MCP config setup and local course tooling
Rationale
Source inspection supports a warning for explicit MCP/agent configuration mutation during studio mode, not a publish block. The suspicious scanner hits are explained by normal CLI scaffolding, local server, CouchDB import/export, and studio build behavior.
Evidence
package.jsondist/cli.jsdist/commands/studio.jsdist/mcp-server.jsdist/commands/init.jsdist/commands/pack.jsdist/commands/unpack.jsdist/utils/template.js.mcp.jsonpublic/static-courses/static-data/dist-lib/node_modules/<course-package>/custom-questions-config.json
Network endpoints5
localhost:5984localhost:5985localhost:3000localhost:3001localhost:7174

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • dist/commands/studio.js writes .mcp.json in process.cwd() during explicit skuilder studio command
  • dist/commands/studio.js .mcp.json registers bundled dist/mcp-server.js with CouchDB env including password
  • dist/commands/studio.js spawns npm build scripts for user course questions during studio command
  • dist/mcp-server.js exposes MCP tools over stdio for course create/update/tag/delete operations
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks
  • dist/cli.js only initializes commander and registers init/pack/unpack/studio commands
  • network activity is package-aligned CouchDB/Express/studio localhost URLs or user-provided CouchDB server
  • dist/commands/init.js writes scaffolded project files only after explicit init command
  • dist/commands/pack.js and dist/commands/unpack.js read/write course data for explicit user commands
  • No credential harvesting, external exfiltration endpoint, destructive install-time behavior, or remote payload loading found
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 50 file(s), 352 KB of source, external domains: github.com, parceljs.org

Source & flagged code

5 flagged · loading source
dist/commands/studio.jsView file
379patternName = generic_password severity = medium line = 379 matchedText = password...rd}'
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/commands/studio.jsView on unpkg · L379
409patternName = generic_password severity = medium line = 409 matchedText = password...rd}'
Medium
Secret Pattern

Hardcoded password in dist/commands/studio.js

dist/commands/studio.jsView on unpkg · L409
dist/studio-ui-src/main.tsView file
103customQuestionsStatus.importAttempted = true; L104: const customModule = await import(/* @vite-ignore */ customConfig.importPath); L105: customQuestionsStatus.importSucceeded = true;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/studio-ui-src/main.tsView on unpkg · L103
src/commands/studio.tsView file
498patternName = generic_password severity = medium line = 498 matchedText = password...rd}'
Medium
Secret Pattern

Hardcoded password in src/commands/studio.ts

src/commands/studio.tsView on unpkg · L498
529patternName = generic_password severity = medium line = 529 matchedText = password...rd}'
Medium
Secret Pattern

Hardcoded password in src/commands/studio.ts

src/commands/studio.tsView on unpkg · L529

Findings

7 Medium5 Low
MediumSecret Patterndist/commands/studio.js
MediumDynamic Requiredist/studio-ui-src/main.ts
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/commands/studio.js
MediumSecret Patternsrc/commands/studio.ts
MediumSecret Patternsrc/commands/studio.ts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License