registry  /  auditx  /  0.1.30

auditx@0.1.30

One command. Every vulnerability, dead code, and AI-generated code anti-pattern. JSON output built for AI coding agents to parse and self-fix.

AI Security Review

scanned 4d ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Explicit CLI commands such as auditx init-agent, auditx hook install, auditx install, or auditx --fix
Impact
Can alter agent instructions, install/chains git hooks, install scanner tools, and modify target projects when invoked by the user.
Mechanism
User-invoked agent config writes, hook installation, scanner downloads, and auto-fix commands
Rationale
Source inspection does not show unconsented lifecycle execution, exfiltration, or remote payload execution, so publish blocking is not justified. The explicit broad AI-agent configuration writes and hook setup warrant a warning under the control-surface policy.
Evidence
package.jsondist/auditx.jsdist/agent-init-LLOLZMAP.jsdist/hook-XMKHTGQD.jsdist/mcp-server.jsdist/chunk-SI34ZE3Z.jsAGENTS.md.cursor/rules/auditx.mdc.cursorrules.github/copilot-instructions.md.claude/skills/auditx/SKILL.md.git/hooks/pre-commit.git/hooks/pre-push~/.auditx/bin~/.auditx/config.jsonaudit-report.mdsbom.json
Network endpoints5
github.com/gitleaks/gitleaks/releases/download/github.com/aquasecurity/trivy/releases/download/github.com/trufflesecurity/trufflehog/releases/download/github.com/google/osv-scanner/releases/download/github.com/koalaman/shellcheck/releases/download/

Decision evidence

public snapshot
AI called this Suspicious at 84.0% confidence as Benign with medium false-positive risk.
Evidence for warning
  • dist/agent-init-LLOLZMAP.js explicit init-agent writes AGENTS.md, .cursor/rules/auditx.mdc, .github/copilot-instructions.md, and .claude/skills/auditx/SKILL.md
  • dist/agent-init-LLOLZMAP.js Cursor rule uses alwaysApply and instructs agents to run npx auditx before finishing work
  • dist/hook-XMKHTGQD.js explicit hook install writes executable git hooks and chains into existing hooks
  • dist/auditx.js install command downloads scanners and runs npm install -g plus pip install
  • dist/auditx.js --fix runs npx eslint --fix and npx knip --fix --allow-remove-files
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle scripts
  • No import-time execution beyond CLI/MCP setup observed
  • AI agent and git hook mutations require explicit auditx init-agent or auditx hook commands
  • Network/download URLs are aligned with scanner installation or AI provider use
  • No credential harvesting, stealth persistence, exfiltration, obfuscation, or remote payload loader found
  • MCP server exposes audit_codebase only and sets fix:false/ai:false
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 124 KB of source, external domains: github.com, osv.dev, semgrep.dev, trivy.dev

Source & flagged code

5 flagged · loading source
dist/chunk-SI34ZE3Z.jsView file
3import { join } from "path"; L4: import { execSync } from "child_process"; L5: var MAX_DEPTH = 4;
High
Child Process

Package source references child process execution.

dist/chunk-SI34ZE3Z.jsView on unpkg · L3
1030import { promisify as promisify9 } from "util"; L1031: var execAsync = promisify9(exec); L1032: async function runCspell(targetDir, stagedFiles) {
High
Shell

Package source references shell execution.

dist/chunk-SI34ZE3Z.jsView on unpkg · L1030
3import { join } from "path"; L4: import { execSync } from "child_process"; L5: var MAX_DEPTH = 4; ... L7: var TARGET_FILES = /* @__PURE__ */ new Set([ L8: "package.json", L9: "package-lock.json", ... L68: try { L69: const pkg = JSON.parse(readFileSync(pkgPath, "utf-8")); L70: if (pkg.dependencies) Object.keys(pkg.dependencies).forEach((d) => allDeps.add(d)); ... L131: import { existsSync as existsSync2, mkdirSync, createWriteStream, rmSync, renameSync, chmodSync } from "fs"; L132: import https from "https"; L133: import * as tar from "tar";
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/chunk-SI34ZE3Z.jsView on unpkg · L3
dist/auditx.jsView file
matchType = previous_version_dangerous_delta matchedPackage = auditx@0.1.29 matchedIdentity = npm:YXVkaXR4:0.1.29 similarity = 0.600 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/auditx.jsView on unpkg
915try { L916: execSync("npx eslint --fix .", { cwd: targetDir, stdio: "inherit" }); L917: console.log(chalk3.green(" [+] eslint --fix applied"));
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/auditx.jsView on unpkg · L915

Findings

1 Critical3 High3 Medium5 Low
CriticalPrevious Version Dangerous Deltadist/auditx.js
HighChild Processdist/chunk-SI34ZE3Z.js
HighShelldist/chunk-SI34ZE3Z.js
HighRuntime Package Installdist/auditx.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptodist/chunk-SI34ZE3Z.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings