registry  /  create-dp-vue3  /  0.1.5

create-dp-vue3@0.1.5

Create a Vue 3 + TypeScript + Tailwind CSS project

AI Security Review

scanned 1h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious attack surface. The real risk is explicit user-command scaffolding of Cursor rules into the new project, plus normal template file writes and optional git initialization.

Static reason
One or more suspicious static signals were detected.
Trigger
Running the create-dp-vue3 bin and completing prompts
Impact
Generated project receives Vue template files, .env demo API config, .cursor rules, and optionally a git repository.
Mechanism
Vue project scaffolder copying bundled template files
Rationale
Static inspection shows a normal interactive Vue scaffold with no install-time execution or malicious data flow, but it does copy always-apply Cursor rule files into generated projects on explicit CLI use. Under the provided policy this is warn-level agent extension lifecycle risk, not a publish-blocking malicious package.
Evidence
package.jsonindex.jssrc/index.jssrc/render.jssrc/prompts.jstemplate/.env.productiontemplate/src/lib/http/client.tstemplate/.cursor/rules/dp-dev-workflow.mdc<targetDir>/**<targetDir>/src/router<targetDir>/src/views/user<targetDir>/src/views/error<targetDir>/src/components/layout<targetDir>/src/features/user<targetDir>/.cursor/rules/*.mdc<targetDir>/.git
Network endpoints1
jsonplaceholder.typicode.com

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • User-invoked CLI copies template/.cursor/rules/*.mdc into generated projects via src/render.js copyDir.
  • template/.cursor/rules/dp-dev-workflow.mdc has alwaysApply:true and instructs workflow/document edits.
  • src/render.js can run execSync('git init') when user confirms initGit.
  • template/.env* sets VITE_API_BASE_URL=https://jsonplaceholder.typicode.com.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks.
  • Entrypoint index.js only imports src/index.js for interactive scaffolding.
  • No credential harvesting, exfiltration, remote payload loading, eval/vm/Function, or native binary loading found.
  • Network use is template app axios to jsonplaceholder via VITE_API_BASE_URL, not reviewer/package exfiltration.
  • Scanner secret hit in template/.env.production is a public demo API URL, not a secret.
Behavioral surface
Source
ChildProcessFilesystemNetworkShell
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 32 file(s), 19.2 KB of source

Source & flagged code

1 flagged · loading source
template/.env.productionView file
patternName = blocked_file severity = critical matchedText = template/.env.production redactedSecretContext = secretLikeLines = 0 notes = no secret-like key/value lines found in sampled text
Critical
Critical Secret

Package contains a critical-looking secret pattern.

template/.env.productionView on unpkg

Findings

1 Critical1 Medium3 Low
CriticalCritical Secrettemplate/.env.production
MediumNetwork
LowScripts Present
LowFilesystem
LowNo License