registry  /  dax  /  0.48.4

dax@0.48.4

Cross platform shell tools inspired by zx.

AI Security Review

scanned 7d ago · by lpm-firewall-ai

No confirmed malicious attack surface by static inspection. The package exposes shell, filesystem path helpers, prompts, and HTTP request helpers that run only when application code invokes them.

Static reason
One or more suspicious static signals were detected.
Trigger
User imports dax and explicitly calls shell/request/path helper APIs.
Impact
No install-time execution, exfiltration, persistence, or agent control-surface mutation found.
Mechanism
user-invoked shell and HTTP utility library
Rationale
The suspicious primitives are package-aligned for a cross-platform shell scripting library and are activated by user API calls, not lifecycle or import-time attack behavior. No credential collection, hardcoded exfiltration endpoint, persistence, destructive install hook, or AI-agent control hijack was found.
Evidence
package.jsonREADME.mdscript/mod.jsesm/mod.jsscript/mod.d.ts

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no install/preinstall/postinstall/prepare lifecycle scripts
    • package.json main/module point to bundled library entrypoints script/mod.js and esm/mod.js
    • script/mod.js child_process spawn is the advertised shell API, reached via user-created CommandBuilder commands
    • script/mod.js fetch is only in $.request/RequestBuilder using caller-supplied URLs
    • process.env access is for shell environment handling, not credential harvesting
    • scanner secret hit is bundled WebAssembly base64 for @david/console-static-text, not a credential
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 2 file(s), 1.36 MB of source, external domains: github.com

    Source & flagged code

    3 flagged · loading source
    esm/mod.jsView file
    3443patternName = aws_access_key severity = critical line = 3443 matchedText = var byte...=");
    Critical
    Critical Secret

    Package contains a critical-looking secret pattern.

    esm/mod.jsView on unpkg · L3443
    3443patternName = aws_access_key severity = critical line = 3443 matchedText = var byte...=");
    Critical
    Secret Pattern

    AWS access key ID in esm/mod.js

    esm/mod.jsView on unpkg · L3443
    script/mod.jsView file
    4043patternName = aws_access_key severity = critical line = 4043 matchedText = var byte...=");
    Critical
    Secret Pattern

    AWS access key ID in script/mod.js

    script/mod.jsView on unpkg · L4043

    Findings

    3 Critical2 Medium4 Low
    CriticalCritical Secretesm/mod.js
    CriticalSecret Patternesm/mod.js
    CriticalSecret Patternscript/mod.js
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings