registry  /  bosia  /  0.8.9

bosia@0.8.9

A fast, batteries-included fullstack framework — SSR · Svelte 5 Runes · Bun · ElysiaJS. File-based routing No Node.js, no Vite, no adapters.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Explicit registry-install commands fetch mutable upstream content, write it into the current project, and can install declared dependencies. Registry paths are not visibly constrained before filesystem joins.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `bosia add`, `bosia feat`, or `bosia create`.
Impact
A compromised registry could stage arbitrary project changes or dependency installation; no install-time package attack is present.
Mechanism
Remote registry payload download and project-file/dependency mutation.
Rationale
No concrete malicious behavior was found after source inspection, but unpinned remote registry payloads can mutate projects and install dependencies without visible path constraints. Downgrade to a warning for the unresolved staged-payload/supply-chain risk.
Evidence
package.jsonsrc/cli/add.tssrc/cli/feat.tssrc/cli/registry.tssrc/cli/create.tssrc/core/plugins/inspector/index.tssrc/lib/components/<registry path>.env<project files selected by feature metadata>
Network endpoints2
raw.githubusercontent.com/bosapi/bosia/main/registrygithub.com/bosapi/bosia/releases/download/

Decision evidence

public snapshot
AI called this Suspicious at 84.0% confidence as Critical Vulnerability with medium false-positive risk.
Evidence for warning
  • `src/cli/add.ts` fetches mutable registry content from GitHub.
  • `src/cli/add.ts` joins registry-supplied paths/files without visible traversal validation.
  • `src/cli/registry.ts` writes fetched files and runs `bun add` for registry-supplied dependencies.
  • `src/cli/feat.ts` applies remote feature file mutations to the user project.
Evidence against
  • `package.json` has no preinstall/install/postinstall lifecycle hooks.
  • Network and writes occur only after explicit `create`, `add`, or `feat` CLI commands.
  • No credential harvesting, secret exfiltration, hidden persistence, or AI-agent config writes found.
  • `src/core/plugins/inspector/index.ts` posts only to an explicitly configured dev AI endpoint.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
WildcardDependency
scanned 93 file(s), 451 KB of source, external domains: fonts.googleapis.com, github.com, raw.githubusercontent.com

Source & flagged code

4 flagged · loading source
src/core/dev.tsView file
126console.log("🏗️ Building..."); L127: const proc = spawn(["bun", "run", BUILD_SCRIPT], { L128: stdout: "inherit",
High
Child Process

Package source references child process execution.

src/core/dev.tsView on unpkg · L126
src/core/plugin.tsView file
13name: "bosia-resolver", L14: setup(build: import("bun").PluginBuilder) { L15: // bosia:routes → .bosia/routes.client.ts (browser) or .bosia/routes.ts (server)
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/core/plugin.tsView on unpkg · L13
src/cli/registry.tsView file
184L185: /** Run `bun add` for deps and optionally `bun add --dev` for devDeps. */ L186: export async function bunAdd( ... L193: console.log(`\n📥 npm: ${packages.join(", ")}`); L194: const proc = spawn(["bun", "add", ...packages], { L195: stdout: "inherit",
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

src/cli/registry.tsView on unpkg · L184
src/cli/create.tsView file
matchType = previous_version_dangerous_delta matchedPackage = bosia@0.8.8 matchedIdentity = npm:Ym9zaWE:0.8.8 similarity = 0.989 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

src/cli/create.tsView on unpkg

Findings

1 Critical3 High5 Medium4 Low
CriticalPrevious Version Dangerous Deltasrc/cli/create.ts
HighChild Processsrc/core/dev.ts
HighShell
HighRuntime Package Installsrc/cli/registry.ts
MediumDynamic Requiresrc/core/plugin.ts
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings