registry  /  create-zenithcms-app  /  1.0.0-beta.30

create-zenithcms-app@1.0.0-beta.30

AI Security Review

scanned 8h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a create-* CLI that writes Zenith CMS scaffold files only when the user runs the bin command.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs create-zenithcms-app [directory]
Impact
Creates a CMS starter project in the requested directory; no exfiltration, persistence, lifecycle mutation, or agent control hijack identified.
Mechanism
local project scaffolding with generated config, docs, tests, and random .env secrets
Rationale
Source inspection shows a user-invoked scaffolding CLI with no install-time execution, network code, credential harvesting, persistence, or foreign AI-agent control-surface mutation. Scanner secret/env hits are generated local secrets and documentation/template examples, so they do not establish malicious behavior.
Evidence
package.jsondist/index.jsLICENSE<target>/package.json<target>/src/server.ts<target>/src/collections/Users.ts<target>/src/zenith.config.ts<target>/tsconfig.json<target>/.env<target>/.gitignore<target>/tests/config.test.ts<target>/docker-compose.yml<target>/README.md<target>/docs/API.md<target>/docs/ARCHITECTURE.md<target>/docs/FEATURES.md<target>/docs/DEPLOYMENT.md<target>/docs/PLUGINS.md

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no lifecycle hooks; only bin maps create-zenithcms-app to ./dist/index.js.
    • dist/index.js is a user-invoked scaffolding CLI that creates a target project directory and exits.
    • Generated .env secrets use crypto.randomBytes locally; no hardcoded live secret or credential harvesting found.
    • No child_process, eval/vm/Function, dynamic require/import, native binary loading, or network request APIs found.
    • process.env references are inside generated app/docs plugin examples, not used to read and exfiltrate reviewer/user credentials.
    • No AI-agent control-surface writes such as .mcp.json, CLAUDE.md, Codex/Cursor settings, hooks, or persistence files found.
    Behavioral surface
    Source
    CryptoEnvironmentVarsFilesystem
    Supply chain
    HighEntropyStringsUrlStrings
    Manifest
    NoLicense
    scanned 1 file(s), 32.1 KB of source, external domains: console.cloud.google.com, dashboard.stripe.com, pub-xxx.r2.dev, resend.com, xxx.r2.cloudflarestorage.com, xxxxxxxxxxxxxxxxx.r2.cloudflarestorage.com, your-cms-url.com, your-idp.okta.com

    Source & flagged code

    5 flagged · loading source
    dist/index.jsView file
    627patternName = aws_access_key severity = critical line = 627 matchedText = AWS_ACCE...MPLE
    Critical
    Critical Secret

    Package contains a critical-looking secret pattern.

    dist/index.jsView on unpkg · L627
    627patternName = aws_access_key severity = critical line = 627 matchedText = AWS_ACCE...MPLE
    Critical
    Secret Pattern

    AWS access key ID in dist/index.js

    dist/index.jsView on unpkg · L627
    628patternName = aws_secret_key severity = critical line = 628 matchedText = AWS_SECR...EKEY
    Critical
    Secret Pattern

    AWS secret access key in dist/index.js

    dist/index.jsView on unpkg · L628
    846patternName = stripe_live_secret severity = critical line = 846 matchedText = STRIPE_S...xxxx
    Critical
    Secret Pattern

    Stripe live secret key in dist/index.js

    dist/index.jsView on unpkg · L846
    847patternName = stripe_webhook_secret severity = high line = 847 matchedText = STRIPE_W...xxxx
    High
    Secret Pattern

    Stripe webhook signing secret in dist/index.js

    dist/index.jsView on unpkg · L847

    Findings

    4 Critical1 High1 Medium5 Low
    CriticalCritical Secretdist/index.js
    CriticalSecret Patterndist/index.js
    CriticalSecret Patterndist/index.js
    CriticalSecret Patterndist/index.js
    HighSecret Patterndist/index.js
    MediumEnvironment Vars
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings
    LowNo License