registry  /  brello  /  1.4.0

brello@1.4.0

Roster CLI + MCP — query your team's work from the terminal or Claude

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a credentialed Roster CLI/MCP client whose network request is activated by user commands or MCP tool calls.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `brello` commands, authenticates, or starts `brello-mcp`.
Impact
Authorized team-work data may be returned to the user or configured MCP client; no stealth persistence or foreign AI-agent control-surface mutation is present.
Mechanism
Stores an opted-in Roster token and POSTs requested queries to its Roster gateway.
Rationale
The install hook is terminal-only install theatre, not a mutation or payload mechanism. Runtime networking and local token storage are explicit, package-aligned functionality, and source inspection found no concrete malicious chain.
Evidence
package.jsonlib/postinstall.mjslib/banner.mjscli.mjslib/client.mjslib/auth.mjsmcp.mjsREADME.md~/.roster/token~/.roster/.welcomed
Network endpoints1
sfmdwoxlyvajiutdmqok.supabase.co/functions/v1/roster-query

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • `lib/postinstall.mjs` only imports a banner and writes terminal output.
    • `lib/client.mjs` sends a user-provided Roster token only when CLI/MCP queries run.
    • Token storage is limited to `~/.roster/token` with mode `0600`.
    • `mcp.mjs` exposes stdio MCP query tools; no Claude configuration is written.
    • No child-process, eval/vm, remote-code-loading, or broad config-write primitives found.
    Behavioral surface
    Source
    EnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 7 file(s), 46.7 KB of source, external domains: sfmdwoxlyvajiutdmqok.supabase.co, www.google.com

    Source & flagged code

    2 flagged · loading source
    package.jsonView file
    scripts.postinstall = node lib/postinstall.mjs
    High
    Install Time Lifecycle Scripts

    Package defines install-time lifecycle scripts.

    package.jsonView on unpkg
    scripts.postinstall = node lib/postinstall.mjs
    Medium
    Ambiguous Install Lifecycle Script

    Install-time lifecycle script is not statically allowlisted and needs review.

    package.jsonView on unpkg

    Findings

    1 High3 Medium4 Low
    HighInstall Time Lifecycle Scriptspackage.json
    MediumAmbiguous Install Lifecycle Scriptpackage.json
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings