registry  /  @yh-mf/his-mf-cli  /  1.0.5

@yh-mf/his-mf-cli@1.0.5

Install the dependencies:

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Explicit `his-mf-cli init` scaffolds an application configured to fetch Module Federation manifests and executable remote modules over plain HTTP. No install-time attack surface or direct package exfiltration was confirmed.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `his-mf-cli init`, then runs the generated application.
Impact
A controller of the configured remote host could supply code executed in the generated application's browser context.
Mechanism
Template scaffolding with HTTP Module Federation remote loading.
Rationale
The suspicious execution primitive is dormant Commander library code, while the concrete risk is the explicit CLI-generated template's unauthenticated HTTP remote-module trust boundary. This warrants a warning rather than a publish block.
Evidence
package.jsonREADME.mddist/index.jsdist/template/vue3/.env.devdist/template/vue3/module-federation.config.tsdist/template/vue3/src/bootstrap.tsdist/template/vue3/.envdist/template/vue3/.env.proddist/template/vue3/.env.sitdist/template/vue3/.env.uatdist/template/vue3/src/store/index.ts
Network endpoints2
129.211.138.130:8083129.211.138.130:8083/his_supply_fe/mf-manifest.json

Decision evidence

public snapshot
AI called this Suspicious at 84.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `dist/index.js` copies a Vue template into the caller's current directory on explicit `init`.
  • `dist/template/vue3/.env.*` defaults `PUBLIC_MF_ENTRY` to `http://129.211.138.130:8083`.
  • `module-federation.config.ts` constructs remote manifest URLs from that HTTP endpoint.
  • `bootstrap.ts` and `src/store/index.ts` load remote directives, plugins, and stores at generated-app runtime.
  • `README.md` contains an unused opaque `npm_`-prefixed token-like literal.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
  • The CLI registers only `init`, empty `create`, and empty `update` commands.
  • CLI writes are limited to copied template files plus generated `.env` and `package.json` after explicit `init`.
  • `child_process.spawn` is bundled Commander subcommand support; this CLI defines action callbacks, not executable subcommands.
  • No package code harvests credentials, exfiltrates files, or performs install-time network activity.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 15 file(s), 397 KB of source, external domains: github.com, module-federation.io, rsbuild.rs

Source & flagged code

5 flagged · loading source
dist/template/vue3/.envView file
patternName = blocked_file severity = critical matchedText = dist/template/vue3/.env redactedSecretContext = secretLikeLines = 0 notes = no secret-like key/value lines found in sampled text
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/template/vue3/.envView on unpkg
dist/index.jsView file
2import { EventEmitter } from "node:events"; L3: import node_child_process from "node:child_process"; L4: import node_path from "node:path";
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L2
2924if (node_process.versions?.electron) parseOptions.from = 'electron'; L2925: const execArgv = node_process.execArgv ?? []; L2926: if (execArgv.includes('-e') || execArgv.includes('--eval') || execArgv.includes('-p') || execArgv.includes('--print')) parseOptions.from = 'eval';
High
Shell

Package source references shell execution.

dist/index.jsView on unpkg · L2924
dist/index.cjsView file
19Cross-file remote execution chain: dist/index.cjs spawns dist/index.js; helper contains network access plus dynamic code execution. L19: opts.overwrite = 'overwrite' in opts ? !!opts.overwrite : opts.clobber; L20: if (opts.preserveTimestamps && 'ia32' === process.arch) process.emitWarning("Using the preserveTimestamps option in 32-bit node is not recommended;\n\n see https://github.com/jpric... L21: const { srcStat, destStat } = stat.checkPathsSync(src, dest, 'copy', opts); ... L97: let resolvedSrc = fs.readlinkSync(src); L98: if (opts.dereference) resolvedSrc = path.resolve(process.cwd(), resolvedSrc); L99: if (!destStat) return fs.symlinkSync(resolvedSrc, dest); ... L630: exports1.write = function(fd, buffer, ...args) { L631: if ('function' == typeof args[args.length - 1]) return fs.write(fd, buffer, ...args); L632: return new Promise((resolve, reject)=>{ ... L1174: if (util.debuglog) debug = util.debuglog('gfs4'); L1175: else if (/\bgfs4\b/i.test(process.env.NODE_DEBUG || '')) debug = function() { L1176: var m = util.format.apply(util, arguments);
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/index.cjsView on unpkg · L19
README.mdView file
37patternName = npm_token severity = critical line = 37 matchedText = npm[redacted]
Critical
Secret Pattern

npm access token in README.md

README.mdView on unpkg · L37

Findings

2 Critical3 High1 Medium5 Low
CriticalCritical Secretdist/template/vue3/.env
CriticalSecret PatternREADME.md
HighChild Processdist/index.js
HighShelldist/index.js
HighCross File Remote Execution Contextdist/index.cjs
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License