registry  /  entracte-opencode  /  0.1.0

entracte-opencode@0.1.0

Cookieless entracte sponsor line in the opencode TUI (renders in the working row).

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The plugin fetches sponsor content and optional publisher statistics when loaded by OpenCode, and opens URLs only for sign-in or an explicit sponsor click.

Static reason
One or more suspicious static signals were detected.
Trigger
OpenCode invokes the exported tui plugin; sign-in and sponsor-link opening require user interaction.
Impact
Sends routine sponsor/device-login requests and stores its own machine token; no evidence of unrelated credential access or code execution.
Mechanism
Package-aligned sponsor display, device login, and publisher-token storage.
Rationale
Direct inspection shows an OpenCode sponsor-line plugin with package-aligned API calls, optional device authorization, and its own credential file. Static child-process and filesystem signals are explained by URL opening, debug logging, and local token management, not a concrete malicious chain.
Evidence
package.jsontui.js/tmp/entracte-oc-debug.log~/.config/entracte/credentials.json
Network endpoints5
api.entracte.mbn.dev/api/serveapi.entracte.mbn.dev/api/publisher/statsapi.entracte.mbn.dev/api/publisherapi.entracte.mbn.dev/api/device/startapi.entracte.mbn.dev/api/device/poll

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall lifecycle hook.
    • tui.js exports an OpenCode TUI plugin; runtime behavior starts through its tui callback.
    • Network calls target configured ENTRACTE_API, defaulting to https://api.entracte.mbn.dev.
    • The only credential file is this plugin's ~/.config/entracte/credentials.json machine token.
    • spawn only launches the platform URL opener for sign-in or a clicked sponsor link.
    • No eval, dynamic module loading, shell command construction, harvesting, or destructive traversal found.
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsFilesystemNetworkShell
    Supply chain
    UrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 1 file(s), 9.32 KB of source, external domains: api.entracte.mbn.dev

    Source & flagged code

    3 flagged · loading source
    tui.jsView file
    7import { createElement as _$createElement } from "@opentui/solid"; L8: import { spawn } from "child_process"; L9: import { appendFileSync, mkdirSync, readFileSync, rmSync, writeFileSync } from "fs";
    High
    Child Process

    Package source references child process execution.

    tui.jsView on unpkg · L7
    7import { createElement as _$createElement } from "@opentui/solid"; L8: import { spawn } from "child_process"; L9: import { appendFileSync, mkdirSync, readFileSync, rmSync, writeFileSync } from "fs"; ... L21: dbg("=== module loaded ==="); L22: var API = (process.env.ENTRACTE_API || "https://api.entracte.mbn.dev").replace(/\/$/, ""); L23: var POLL_MS = 6e4;
    High
    Same File Env Network Execution

    A single source file combines environment access, network access, and code or shell execution; review context before blocking.

    tui.jsView on unpkg · L7
    7import { createElement as _$createElement } from "@opentui/solid"; L8: import { spawn } from "child_process"; L9: import { appendFileSync, mkdirSync, readFileSync, rmSync, writeFileSync } from "fs"; ... L21: dbg("=== module loaded ==="); L22: var API = (process.env.ENTRACTE_API || "https://api.entracte.mbn.dev").replace(/\/$/, ""); L23: var POLL_MS = 6e4; ... L25: var AMBER = "#f59e0b"; L26: var CREDS = join(homedir(), ".config", "entracte", "credentials.json"); L27: function readCreds() { L28: try { L29: return JSON.parse(readFileSync(CREDS, "utf8")); L30: } catch {
    High
    Sandbox Evasion Gated Capability

    Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

    tui.jsView on unpkg · L7

    Findings

    4 High2 Medium3 Low
    HighChild Processtui.js
    HighShell
    HighSame File Env Network Executiontui.js
    HighSandbox Evasion Gated Capabilitytui.js
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowFilesystem
    LowUrl Strings