registry  /  bailian-cli-runtime  /  0.0.0-beta-46d8474-20260626

bailian-cli-runtime@0.0.0-beta-46d8474-20260626

Runtime framework for bailian-cli (createCli, registry, args, output, pipeline). See https://www.npmjs.com/package/bailian-cli for usage.

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a Bailian CLI runtime with user-invoked API, download, config, update-check, and workflow execution features.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Importing the package exposes helpers; actions occur when a consuming CLI calls createCli().run() or executePipeline().
Impact
No unconsented execution, harvesting, or exfiltration identified by static inspection.
Mechanism
package-aligned CLI runtime and workflow dispatcher
Rationale
Static inspection found risky primitives, especially user-specified workflow JavaScript execution, but they are exposed as explicit CLI/runtime features rather than install-time, import-time, or covert behavior. No concrete malicious credential theft, persistence, destructive action, or unauthorized network exfiltration was present.
Evidence
package.jsondist/index.mjsdist/index.d.mtsdist/dist-DgvkrLd1.mjsdist/chunk-POvHkJ8y.mjs~/.bailian/config.json<config-dir>/update-state.jsonuser-specified download destination pathsuser-specified pipeline input paths
Network endpoints4
bailian.console.aliyun.combailian.console.aliyun.com/cn-beijingbailian.console.aliyun.com/cn-beijing/?tab=app#/api-keyregistry.npmjs.org

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • dist/index.mjs registers workflow step script/js using Function('args', code), a user-invoked dangerous capability.
  • dist/index.mjs performs runtime fetches for Bailian API calls, npm update checks, and user-requested downloads.
  • dist/index.mjs writes config/update/download outputs via writeConfigFile, update-state.json, and destination paths.
Evidence against
  • package.json has no install/preinstall/postinstall/prepare lifecycle hooks and no bin entry.
  • Top-level dist/index.mjs exports runtime helpers; CLI execution occurs only through createCli(...).run().
  • Network use is package-aligned: Bailian/DashScope API helpers, npm latest-version check, and explicit downloadFile URLs.
  • Credential handling is expected for a Bailian CLI: DASHSCOPE_API_KEY prompt/config, token masking, and bailian-cli-core request helpers.
  • No child_process, native binary loading, persistence, destructive project traversal, or AI-agent control-surface writes found.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 210 KB of source, external domains: 127.0.0.1, bailian.console.aliyun.com, json-schema.org, raw.githubusercontent.com, registry.npmjs.org

Source & flagged code

1 flagged · loading source
dist/index.mjsView file
matchType = previous_version_dangerous_delta matchedPackage = bailian-cli-runtime@1.5.0 matchedIdentity = npm:YmFpbGlhbi1jbGktcnVudGltZQ:1.5.0 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/index.mjsView on unpkg

Findings

1 Critical2 Medium4 Low
CriticalPrevious Version Dangerous Deltadist/index.mjs
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings