registry  /  create-thally-docs  /  0.7.2

create-thally-docs@0.7.2

Scaffold a new Thally documentation project

AI Security Review

scanned 3h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `create-thally-docs <dir>` or invokes scaffold.
Impact
A generated project receives `AGENTS.md` guidance and template files; this is a policy-relevant agent-config mutation but not a confirmed malicious chain.
Mechanism
User-invoked project scaffolding with generated agent instructions.
Rationale
The package is not malicious by source evidence, but its automatic creation of `AGENTS.md` during an explicit scaffold command fits the firewall's warn-level agent-config mutation policy.
Evidence
package.jsondist/index.jsdist/chunk-KN6QUPKR.jsdist/chunk-QGRDDS5V.jsREADME.mdAGENTS.mddocs.jsonsrc/contentsrc/data/site.ts.env.local
Network endpoints2
codeload.github.com/thallylabs/docs/tar.gz/maingithub.com/<owner>/<repo>.git

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `dist/chunk-KN6QUPKR.js` writes `AGENTS.md` during the scaffold command.
  • `dist/chunk-KN6QUPKR.js` downloads and extracts a remote template into the selected project.
  • `dist/chunk-QGRDDS5V.js` uses shell `git clone` for the user-invoked migrate command.
Evidence against
  • `package.json` has no preinstall, install, or postinstall lifecycle hook.
  • The executable runs only through the declared `create-thally-docs` bin/import entrypoint.
  • Network use is command-scoped: GitHub template/repository retrieval and explicit Anthropic translation/conversion.
  • No credential harvesting, stealth persistence, eval/Function use, or foreign agent-config writes were found.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 92.1 KB of source, external domains: app.thally.io, codeload.github.com, docs.thally.io, github.com

Source & flagged code

1 flagged · loading source
dist/index.jsView file
matchType = previous_version_dangerous_delta matchedPackage = create-thally-docs@0.7.0 matchedIdentity = npm:Y3JlYXRlLXRoYWxseS1kb2Nz:0.7.0 similarity = 0.600 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/index.jsView on unpkg

Findings

1 High2 Medium5 Low
HighPrevious Version Dangerous Deltadist/index.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings