registry  /  create-better-fullstack  /  2.2.0

create-better-fullstack@2.2.0

Scaffold production-ready fullstack apps in seconds. Pick your stack from 425 options — the CLI wires everything together.

AI Security Review

scanned 5h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The user-invoked scaffolder can install selected MCP servers into project or global AI-agent configuration through `add-mcp@latest`. It also posts anonymized CLI telemetry after project creation; no install-time attack surface is present.

Static reason
No blocking static signals were detected.
Trigger
Running the CLI with the `mcp` addon selected, or creating a project with telemetry enabled.
Impact
Selected agents may gain MCP servers that execute remote or npm-delivered tooling; telemetry sends stack metadata and an anonymous machine ID.
Mechanism
Explicit MCP-agent configuration via external `add-mcp@latest`; opt-out telemetry POST.
Rationale
This is not malicious because no lifecycle hook or stealthy exfiltration/persistence chain was found. It warrants a warning because explicit MCP setup can modify AI-agent control surfaces and register remote or latest-version tooling.
Evidence
package.jsondist/cli.mjsdist/run-DmN7QRt5.mjsdist/addons-setup-DR924M7b.mjsdist/analytics-BXlOG6u6.mjs
Network endpoints4
curious-elephant-653.convex.site/api/analytics/ingestdocs.mcp.cloudflare.com/ssemcp.supabase.com/mcpmcp.clerk.com/mcp

Decision evidence

public snapshot
AI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `dist/addons-setup-DR924M7b.mjs` runs `add-mcp@latest` to configure selected AI clients.
  • MCP setup supports project or global scope and agents including Cursor, Claude Code, Codex, and VS Code.
  • Selected MCP targets can be remote URLs or `npx ...@latest` commands.
  • `dist/analytics-BXlOG6u6.mjs` sends opt-out telemetry to a Convex endpoint.
Evidence against
  • `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` hook.
  • `dist/cli.mjs` only runs after the user invokes the CLI.
  • MCP mutation is gated by the explicit `mcp` addon and interactive scope/agent selections.
  • No credential harvesting, secret-file reads, eval/vm usage, native loading, or destructive behavior found.
  • Telemetry strips project name and paths and documents an opt-out.
Behavioral surface
Source
CryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 27 file(s), 896 KB of source, external domains: adoptium.net, app.dodopayments.com, app.lemonsqueezy.com, app.revenuecat.com, app.stack-auth.com, auth0.com, authjs.dev, better-fullstack-web.vercel.app, cloud.mongodb.com, commet.co, console.neon.tech, console.prisma.io, console.upstash.com, curious-elephant-653.convex.site, dashboard.clerk.com, dashboard.render.com, dashboard.stripe.com, docs.astral.sh, docs.convex.dev, docs.creem.io, docs.deno.com, docs.docker.com, docs.mcp.cloudflare.com, docs.netlify.com, docs.turso.tech, elixir-lang.org, get.tur.so, github.com, go.dev, manage.auth0.com, mcp.clerk.com, mcp.docs.astro.build, mcp.expo.dev, mcp.inkeep.com, mcp.neon.tech, mcp.polar.sh, mcp.pscale.dev, mcp.revenuecat.ai, mcp.supabase.com, mcp.svelte.dev, neon.tech, nuxt.com, orm.drizzle.team, registry.npmjs.org, render.com, rustup.rs, sandbox.polar.sh, supabase.com, turso.tech, ui.nuxt.com

Source & flagged code

2 flagged · loading source
dist/addons-setup-DR924M7b.mjsView file
Published source reference
Medium
Ai Review Evidence

`dist/addons-setup-DR924M7b.mjs` runs `add-mcp@latest` to configure selected AI clients.

dist/addons-setup-DR924M7b.mjsView on unpkg
dist/analytics-BXlOG6u6.mjsView file
Published source reference
Medium
Ai Review Evidence

`dist/analytics-BXlOG6u6.mjs` sends opt-out telemetry to a Convex endpoint.

dist/analytics-BXlOG6u6.mjsView on unpkg

Findings

6 Medium5 Low
MediumNetwork
MediumEnvironment Vars
MediumAi Review Evidencedist/addons-setup-DR924M7b.mjs
MediumAi Review Evidence
MediumAi Review Evidence
MediumAi Review Evidencedist/analytics-BXlOG6u6.mjs
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings