registry  /  crumbtrail  /  0.1.0

crumbtrail@0.1.0

Defaults to a dead endpoint — upgrade to 0.1.1

Crumbtrail setup CLI — detect your framework and wire the SDK into your app in one step.

AI Security Review

scanned 5h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The explicit setup CLI authenticates to Crumbtrail, installs its SDK, and edits selected project files to add instrumentation.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs `crumbtrail` setup/login commands.
Impact
May install SDK packages and write a Crumbtrail ingest key plus instrumentation into the chosen project.
Mechanism
User-invoked SDK provisioning, authentication, and project instrumentation.
Rationale
The scanner conflates an explicit project-setup CLI with credential exfiltration. Source shows package-aligned authentication and instrumentation only, without install-time execution or a concrete malicious chain.
Evidence
package.jsondist/cli.cjsdist/cli.jsdist/chunk-UFJ2BODB.jsdist/index.js
Network endpoints1
crumbtrail-cloud-production.up.railway.app

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `dist/cli.cjs` invokes package-manager installs and has a cloud tarball fallback after an explicit CLI setup command.
  • `dist/cli.cjs` writes `CRUMBTRAIL_KEY` to the selected project's `.env` during user-invoked instrumentation.
  • `dist/cli.cjs` can generate an AI setup prompt containing a `curl | sh` instruction, but does not execute it.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
  • `dist/cli.cjs` runs only when invoked as the `crumbtrail` CLI; library exports are side-effect-free.
  • Network requests target the configured Crumbtrail API, defaulting to the package-aligned Railway host.
  • Auth storage is limited to `~/.config/crumbtrail/auth.json` with mode `0600`; no broad credential harvesting was found.
  • No exfiltration of environment variables, shell/eval payload execution, AI-agent config writes, or persistence was found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 959 KB of source, external domains: 127.0.0.1, crumbtrail-cloud-production.up.railway.app, github.com, react.dev, reactjs.org, www.w3.org

Source & flagged code

5 flagged · loading source
dist/chunk-UFJ2BODB.jsView file
2840import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs"; L2841: import { execFileSync } from "child_process"; L2842: import path2 from "path";
High
Child Process

Package source references child process execution.

dist/chunk-UFJ2BODB.jsView on unpkg · L2840
dist/cli.cjsView file
508"use strict"; L509: "production" !== process.env.NODE_ENV && (function() { L510: function defineDeprecationWarning(methodName, info) { ... L647: specialPropKeyWarningShown || (specialPropKeyWarningShown = true, console.error( L648: "%s: `key` is not a prop. Trying to access it will result in `undefined` being returned. If you need to access the same value within the child component, you should pass it as a di... L649: displayName ... L2191: var import_node_path8 = __toESM(require("path"), 1); L2192: var import_node_child_process3 = require("child_process"); L2193: ... L2204: function readPackageJson(dir) { L2205: const text2 = safeRead(import_node_path.default.join(dir, "package.json")); L2206: if (text2 == null) return null;
Critical
Credential Exfiltration

Source appears to send environment or credential material to an external endpoint.

dist/cli.cjsView on unpkg · L508
508Trigger-reachable chain: manifest.bin -> dist/cli.cjs L508: "use strict"; L509: "production" !== process.env.NODE_ENV && (function() { L510: function defineDeprecationWarning(methodName, info) { ... L647: specialPropKeyWarningShown || (specialPropKeyWarningShown = true, console.error( L648: "%s: `key` is not a prop. Trying to access it will result in `undefined` being returned. If you need to access the same value within the child component, you should pass it as a di... L649: displayName ... L2191: var import_node_path8 = __toESM(require("path"), 1); L2192: var import_node_child_process3 = require("child_process"); L2193: ... L2204: function readPackageJson(dir) { L2205: const text2 = safeRead(import_node_path.default.join(dir, "package.json")); L2206: if (text2 == null) return null;
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/cli.cjsView on unpkg · L508
7320var import_node_crypto = require("crypto"); L7321: var import_node_child_process2 = require("child_process"); L7322: var import_node_fs4 = require("fs"); L7323: var import_node_http = __toESM(require("http"), 1); L7324: var import_node_os = __toESM(require("os"), 1); ... L7331: } L7332: function resolveEndpoint(flagEndpoint, env = process.env) { L7333: const chosen = flagEndpoint && flagEndpoint.trim() || env.CRUMBTRAIL_BASE_URL && env.CRUMBTRAIL_BASE_URL.trim() || DEFAULT_ENDPOINT;
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/cli.cjsView on unpkg · L7320
dist/cli.jsView file
14Cross-file remote execution chain: dist/cli.js spawns dist/chunk-UFJ2BODB.js; helper contains network access plus dynamic code execution. L14: import path4 from "path"; L15: import { spawnSync } from "child_process"; L16: ... L27: } from "fs"; L28: import http from "http"; L29: import os from "os"; ... L36: } L37: function resolveEndpoint(flagEndpoint, env = process.env) { L38: const chosen = flagEndpoint && flagEndpoint.trim() || env.CRUMBTRAIL_BASE_URL && env.CRUMBTRAIL_BASE_URL.trim() || DEFAULT_ENDPOINT; ... L83: headers, L84: body: bodyInit, L85: signal: opts.signal
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/cli.jsView on unpkg · L14

Findings

2 Critical4 High3 Medium4 Low
CriticalCredential Exfiltrationdist/cli.cjs
CriticalTrigger Reachable Dangerous Capabilitydist/cli.cjs
HighChild Processdist/chunk-UFJ2BODB.js
HighShell
HighSame File Env Network Executiondist/cli.cjs
HighCross File Remote Execution Contextdist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings