AI Security Review
scanned 1h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a Vue 3 project generator that writes template files only when its CLI is run by the user.
Static reason
One or more suspicious static signals were detected.
Trigger
User runs the create-dp-vue3 CLI
Impact
Creates a new project directory containing Vue template files and optional Cursor rules
Mechanism
interactive template scaffolding with optional git init
Rationale
Static inspection shows a normal user-invoked scaffolding CLI; the network reference is a template demo API endpoint and the child_process usage is limited to optional `git init`. Cursor rules are first-party project guidance copied into the generated template, with no install-time mutation or malicious agent control behavior.
Evidence
package.jsonindex.jssrc/index.jssrc/render.jssrc/prompts.jstemplate/.env.productiontemplate/src/lib/http/client.tstemplate/.cursor/rules/dp-vue3-core.mdc<targetDir><targetDir>/package.json<targetDir>/README.md<targetDir>/src/router<targetDir>/src/views/user<targetDir>/src/views/error<targetDir>/src/components/layout<targetDir>/src/features/user<targetDir>/.git
Network endpoints1
jsonplaceholder.typicode.com
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- src/render.js imports child_process and can run `git init` when user selects initGit
- template/.cursor/rules/*.mdc are copied into generated projects as Cursor coding rules
- template/.env.production sets VITE_API_BASE_URL to https://jsonplaceholder.typicode.com
Evidence against
- package.json has no preinstall/install/postinstall lifecycle hooks
- index.js only invokes src/index.js as the declared CLI bin
- src/index.js prompts user and scaffolds a target directory; no import-time hidden action beyond CLI execution
- src/render.js copies bundled template files, edits package name/README, optionally removes router files, and optionally initializes git
- No credential harvesting, exfiltration, remote payload loading, eval/vm/Function, native binary loading, or destructive behavior found
- The critical-looking .env finding is only a public demo API URL, not a secret
Behavioral surface
ChildProcessFilesystemNetworkShell
NoLicense
Source & flagged code
1 flagged · loading sourcetemplate/.env.productionView file
•patternName = blocked_file
severity = critical
matchedText = template/.env.production
redactedSecretContext =
secretLikeLines = 0
notes = no secret-like key/value lines found in sampled text
Critical
Critical Secret
Package contains a critical-looking secret pattern.
template/.env.productionView on unpkgFindings
1 Critical1 Medium3 Low
CriticalCritical Secrettemplate/.env.production
MediumNetwork
LowScripts Present
LowFilesystem
LowNo License