registry  /  codemini-cli  /  0.8.2

codemini-cli@0.8.2

An extremely restrained coding + tasks CLI. Every platform. Every terminal. Minimal by design.

AI Security Review

scanned 6h ago · by lpm-firewall-ai

No confirmed malicious install-time or import-time attack surface was found. The package is an explicit-user CLI coding agent with shell, file, and web tools governed by workspace and command policy.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs codemini and asks it to use tools.
Impact
Can modify the selected workspace, run requested shell commands, and perform configured web requests; no unconsented exfiltration or persistence found.
Mechanism
User-invoked agent tool execution
Rationale
Direct inspection found no lifecycle execution, credential harvesting, stealth persistence, foreign AI-agent control-surface mutation, or remote payload execution. Risky primitives implement the advertised, explicitly invoked coding-agent functionality and include workspace/command controls.
Evidence
package.jsonbin/coder.jssrc/cli.jssrc/core/tools.jssrc/core/shell.jssrc/core/command-policy.jssrc/commands/skill.jscodemini-web/server.js

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall lifecycle hook.
    • bin/coder.js only invokes the CLI after explicit user execution.
    • src/core/tools.js exposes fetch/search only as agent tools, not import-time behavior.
    • src/core/tools.js confines workspace file mutations to resolved allowed roots.
    • src/core/shell.js and src/core/command-policy.js apply command blocking/approval policy.
    • Scanner-hit dist assets are bundled editor/UI dependencies; no concrete payload chain found.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShell
    Supply chain
    HighEntropyStringsMinifiedObfuscatedUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 731 file(s), 22.3 MB of source, external domains: 127.0.0.1, api.exa.ai, api.github.com, api.tavily.com, cdn.jsdelivr.net, cn.bing.com, codemini.local, example.com, github.com, html.spec.whatwg.org, img.youtube.com, radix-ui.com, react.dev, unpkg.com, www.google.com, www.markdownguide.org, www.reddit.com, www.w3.org, www.youtube.com

    Source & flagged code

    5 flagged · loading source
    codemini-web/dist/assets/vue-vine-Di7Vc_-0.jsView file
    1import{t as e}from"./javascript-uC_ymh2K.js";import{t}from"./css-BBfbkQ4Z.js";import{t as n}from"./scss-6l0uLbp8.js";import r from"./postcss-BXeXVLqQ.js";import i from"./less-DVTAw...
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    codemini-web/dist/assets/vue-vine-Di7Vc_-0.jsView on unpkg · L1
    codemini-web/dist/assets/MarkdownEditor-kQWDzhOR.jsView file
    11contains invisible/control Unicode U+200E (left-to-right mark) `&&F()}function K(){for(;Ho[N];)F()}function q(e){e===void 0&&(e=!1),K();for(var t=[be(e)];P(`,`);)F(),K(),t.push(be(e));return{type:`Selector`,rules:t}}function me(){B(`[`),K();var e;if(P(`|`)){L(y,`Namespaces are not enabled.`),F();var t=
    Critical
    Trojan Source Unicode

    Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

    codemini-web/dist/assets/MarkdownEditor-kQWDzhOR.jsView on unpkg · L11
    codemini-web/dist/animations/home/general/loader-cat-dark.lottieView file
    path = codemini-[redacted]-cat-dark.lottie kind = compressed_blob sizeBytes = 4034 magicHex = [redacted]
    Medium
    Ships Compressed Blob

    Package ships compressed or archive-like blobs.

    codemini-web/dist/animations/home/general/loader-cat-dark.lottieView on unpkg
    path = codemini-[redacted]-cat-dark.lottie kind = nested_archive_needs_inspection sizeBytes = 4034 magicHex = [redacted]
    Low
    Nested Archive Needs Inspection

    Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

    codemini-web/dist/animations/home/general/loader-cat-dark.lottieView on unpkg
    codemini-web/dist/assets/GeistMono-Variable-Dispecij.woff2View file
    path = codemini-web/dist/assets/GeistMono-Variable-Dispecij.woff2 kind = high_entropy_blob sizeBytes = 71368 magicHex = [redacted]
    High
    Ships High Entropy Blob

    Package ships high-entropy non-source blobs.

    codemini-web/dist/assets/GeistMono-Variable-Dispecij.woff2View on unpkg

    Findings

    1 Critical1 High5 Medium6 Low
    CriticalTrojan Source Unicodecodemini-web/dist/assets/MarkdownEditor-kQWDzhOR.js
    HighShips High Entropy Blobcodemini-web/dist/assets/GeistMono-Variable-Dispecij.woff2
    MediumDynamic Requirecodemini-web/dist/assets/vue-vine-Di7Vc_-0.js
    MediumNetwork
    MediumEnvironment Vars
    MediumShips Compressed Blobcodemini-web/dist/animations/home/general/loader-cat-dark.lottie
    MediumStructural Risk Force Deep Review
    LowScripts Present
    LowFilesystem
    LowObfuscated
    LowHigh Entropy Strings
    LowUrl Strings
    LowNested Archive Needs Inspectioncodemini-web/dist/animations/home/general/loader-cat-dark.lottie