registry  /  crumbtrail  /  0.2.1

crumbtrail@0.2.1

Crumbtrail setup CLI — detect your framework and wire the SDK into your app in one step.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a user-invoked setup CLI that authenticates with its service, installs its SDK, and injects configuration into the selected project.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source
Trigger
User runs `crumbtrail` or `npx crumbtrail`; no install-time trigger exists.
Impact
Can modify the user-selected project's entry file and `.env` after CLI execution; no hidden persistence or credential harvesting was found.
Mechanism
Interactive SDK provisioning and project-local source/.env injection.
Rationale
Static inspection confirms the flagged primitives implement the documented, explicit setup workflow rather than exfiltration or stealth execution. No lifecycle hook, arbitrary code execution, foreign AI-agent control-surface mutation, or non-user-invoked malicious chain was found.
Evidence
package.jsonREADME.mddist/cli.cjsdist/index.cjsdist/cli.jsdist/chunk-MZDASWQ7.js.env
Network endpoints1
app.crumbtrail.dev

Decision evidence

public snapshot
AI called this Clean at 95.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall, install, postinstall, or prepare lifecycle hook.
    • dist/cli.cjs runs only when the crumbtrail CLI entrypoint is invoked.
    • Network requests use the configured Crumbtrail endpoint, defaulting to https://app.crumbtrail.dev.
    • Environment access is limited to Crumbtrail settings/key and local display/config paths.
    • child_process use is fixed-argument git status, opening a login browser, and user-visible package-manager installation.
    • Writes are explicit setup actions: detected project entry file and that package's .env; ambiguous plans do not edit files.
    Behavioral surface
    Source
    ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 6 file(s), 297 KB of source, external domains: 127.0.0.1, app.crumbtrail.dev

    Source & flagged code

    5 flagged · loading source
    dist/chunk-MZDASWQ7.jsView file
    688import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs"; L689: import { execFileSync } from "child_process"; L690: import path2 from "path";
    High
    Child Process

    Package source references child process execution.

    dist/chunk-MZDASWQ7.jsView on unpkg · L688
    dist/cli.cjsView file
    46var import_node_path8 = __toESM(require("path"), 1); L47: var import_node_child_process3 = require("child_process"); L48: ... L59: function readPackageJson(dir) { L60: const text = safeRead(import_node_path.default.join(dir, "package.json")); L61: if (text == null) return null; L62: try { L63: const parsed = JSON.parse(text); L64: return parsed && typeof parsed === "object" ? parsed : null; ... L688: "// Crumbtrail \u2014 auto-captures uncaught exceptions, unhandled rejections, and", L689: "// console.error. Key is read from process.env.CRUMBTRAIL_KEY, which autoCapture", L690: "// loads from your .env (written by the CLI). Express apps can also add",
    Critical
    Credential Exfiltration

    Source appears to send environment or credential material to an external endpoint.

    dist/cli.cjsView on unpkg · L46
    46Trigger-reachable chain: manifest.bin -> dist/cli.cjs L46: var import_node_path8 = __toESM(require("path"), 1); L47: var import_node_child_process3 = require("child_process"); L48: ... L59: function readPackageJson(dir) { L60: const text = safeRead(import_node_path.default.join(dir, "package.json")); L61: if (text == null) return null; L62: try { L63: const parsed = JSON.parse(text); L64: return parsed && typeof parsed === "object" ? parsed : null; ... L688: "// Crumbtrail \u2014 auto-captures uncaught exceptions, unhandled rejections, and", L689: "// console.error. Key is read from process.env.CRUMBTRAIL_KEY, which autoCapture", L690: "// loads from your .env (written by the CLI). Express apps can also add",
    Critical
    Trigger Reachable Dangerous Capability

    A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

    dist/cli.cjsView on unpkg · L46
    matchType = previous_version_dangerous_delta matchedPackage = crumbtrail@0.1.1 matchedIdentity = npm:Y3J1bWJ0cmFpbA:0.1.1 similarity = 0.400 summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/cli.cjsView on unpkg
    1580var import_node_crypto = require("crypto"); L1581: var import_node_child_process2 = require("child_process"); L1582: var import_node_fs4 = require("fs"); L1583: var import_node_http = __toESM(require("http"), 1); L1584: var import_node_os = __toESM(require("os"), 1); ... L1591: } L1592: function resolveEndpoint(flagEndpoint, env = process.env) { L1593: const chosen = flagEndpoint && flagEndpoint.trim() || env.CRUMBTRAIL_BASE_URL && env.CRUMBTRAIL_BASE_URL.trim() || DEFAULT_ENDPOINT;
    High
    Same File Env Network Execution

    A single source file combines environment access, network access, and code or shell execution; review context before blocking.

    dist/cli.cjsView on unpkg · L1580

    Findings

    3 Critical3 High3 Medium4 Low
    CriticalCredential Exfiltrationdist/cli.cjs
    CriticalTrigger Reachable Dangerous Capabilitydist/cli.cjs
    CriticalPrevious Version Dangerous Deltadist/cli.cjs
    HighChild Processdist/chunk-MZDASWQ7.js
    HighShell
    HighSame File Env Network Executiondist/cli.cjs
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings