registry  /  @yearhe9900/mb-toolbox-cli  /  1.1.5

@yearhe9900/mb-toolbox-cli@1.1.5

MB ToolBox CLI - 项目创建与模板管理工具

AI Security Review

scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The package is a user-invoked CLI that manages a .NET project template and can install/update tooling when commands are run.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs mb-cli create, reinstall, update, or config
Impact
Can install .NET SDK/templates or update the CLI during explicit commands; no covert install-time or import-time behavior found.
Mechanism
CLI shelling out to dotnet/npm/curl/PowerShell for template and SDK management
Rationale
Static inspection found risky shell and network primitives, but they are exposed through explicit CLI workflows for .NET template creation/update and no install-time execution, exfiltration, persistence, or covert payload behavior was present. Command construction with user-controlled values is a robustness/security concern, but not evidence that this package is malicious.
Evidence
package.jsonsrc/cli.jssrc/utils/dotnet.jssrc/utils/config.jssrc/commands/create.jssrc/commands/reinstall.jssrc/commands/update.js~/.mb-cli/config.jsonOS temp directory dotnet-install.ps1OS temp directory dotnet-install.shuser-selected project output directory
Network endpoints6
builds.dotnet.microsoft.com/dotnet/scripts/v1/dotnet-install.ps1builds.dotnet.microsoft.com/dotnet/scripts/v1/dotnet-install.shdotnet.microsoft.com/downloaddotnet.microsoft.com/download/dotnet/10.0user-configured NuGet source URLnpm registry via npm install -g @yearhe9900/mb-toolbox-cli@latest

Decision evidence

public snapshot
AI called this Clean at 84.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • src/utils/dotnet.js uses execSync for dotnet, curl, bash, and PowerShell commands
  • src/utils/dotnet.js downloads and executes Microsoft dotnet-install scripts when create needs .NET 10
  • src/commands/update.js runs user-invoked npm install -g @yearhe9900/mb-toolbox-cli@latest
  • src/utils/config.js writes user config to ~/.mb-cli/config.json
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle scripts
  • bin entry src/cli.js only registers explicit CLI subcommands
  • Network activity is tied to CLI create/reinstall/update actions, not install/import time
  • No credential/env harvesting, persistence, destructive behavior, or exfiltration found
  • NuGet source URL is user-configured and package-aligned for template management
  • No AI-agent control-surface writes or prompt/reviewer manipulation found
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 9 file(s), 25.6 KB of source, external domains: builds.dotnet.microsoft.com, dotnet.microsoft.com

Source & flagged code

6 flagged · loading source
src/utils/dotnet.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @yearhe9900/mb-toolbox-cli@1.1.3 matchedIdentity = npm:[redacted]:1.1.3 similarity = 0.778 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

src/utils/dotnet.jsView on unpkg
1const { execSync } = require('child_process'); L2: const path = require('path');
High
Child Process

Package source references child process execution.

src/utils/dotnet.jsView on unpkg · L1
70L71: // 使用 PowerShell 下载脚本 L72: const downloadCmd = `powershell -NoProfile -ExecutionPolicy Bypass -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Use...
High
Shell

Package source references shell execution.

src/utils/dotnet.jsView on unpkg · L70
1const { execSync } = require('child_process'); L2: const path = require('path'); ... L40: console.error(chalk.red('错误: 未找到 dotnet 命令,请先安装 .NET SDK')); L41: console.error(chalk.gray(' 下载地址: https://dotnet.microsoft.com/download')); L42: return false; ... L60: function installDotnet10() { L61: const isWin = process.platform === 'win32'; L62: const os = require('os'); ... L145: try { L146: const parsed = JSON.parse(searchResult); L147: const version = parsed.searchResult?.[0]?.packages?.[0]?.latestVersion;
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

src/utils/dotnet.jsView on unpkg · L1
src/utils/config.jsView file
1const fs = require('fs'); L2: const path = require('path');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/utils/config.jsView on unpkg · L1
src/commands/update.jsView file
11// 获取当前版本 L12: const currentVersion = exec('mb-cli --version'); L13: console.log(chalk.gray(`当前版本: ${currentVersion || '未知'}`)); ... L24: try { L25: // 使用 npm install -g @latest 强制更新到最新版本 L26: exec('npm install -g @yearhe9900/mb-toolbox-cli@latest', { stdio: 'inherit' });
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

src/commands/update.jsView on unpkg · L11

Findings

1 Critical4 High2 Medium4 Low
CriticalPrevious Version Dangerous Deltasrc/utils/dotnet.js
HighChild Processsrc/utils/dotnet.js
HighShellsrc/utils/dotnet.js
HighSandbox Evasion Gated Capabilitysrc/utils/dotnet.js
HighRuntime Package Installsrc/commands/update.js
MediumDynamic Requiresrc/utils/config.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings