registry  /  hyperframes  /  0.7.58

hyperframes@0.7.58

HyperFrames CLI — create, preview, and render HTML video compositions

AI Security Review

scanned 2h ago · by lpm-firewall-ai

On ordinary CLI invocation, the package checks the npm registry and may launch a detached global self-update without an interactive confirmation. The AI-agent skill mirroring path is command-driven rather than install-time.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Run most `hyperframes` CLI subcommands while a newer compatible registry version is available.
Impact
A compromised or unexpected newer registry release could replace the globally installed CLI without an approval prompt.
Mechanism
Detached package-manager self-update; explicit skill-directory symlinking.
Rationale
No install-time malware or data-exfiltration chain is confirmed. However, unprompted detached global self-updating is a concrete persistent mutation capability and merits a warning rather than a clean verdict.
Evidence
dist/cli.jspackage.json
Network endpoints2
registry.npmjs.org/hyperframes/latestus.i.posthog.com

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `dist/cli.js` checks npm for updates during ordinary CLI runs.
  • `dist/cli.js` silently spawns detached `npm`/`pnpm`/`bun` global self-updates for newer non-major releases.
  • `dist/cli.js` can link skills into detected AI-agent directories, but only from the explicit `skills` flow.
Evidence against
  • `package.json` defines no preinstall/install/postinstall lifecycle hook.
  • No source evidence of credential harvesting, arbitrary payload download, or secret exfiltration.
  • Agent-directory mutations are restricted to package skills and occur after explicit skills installation/update.
  • Telemetry targets PostHog and is disableable through documented environment/config controls.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 15 file(s), 2.18 MB of source, external domains: aomediacodec.github.io, api.figma.com, api.heygen.com, cdn.example.com, cdn.jsdelivr.net, evilmartians.com, example.com, github.com, react.dev, studio.local, us.i.posthog.com, www.figma.com, www.w3.org, www.w3ctech.com, www.webmproject.org
Oversized source lightweight scan
dist/cli.js9.35 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsShellDynamicRequireHighEntropyStringsUrlStringsapi.figma.comapi.heygen.comcdn.example.comexample.comwww.figma.com
dist/studio/assets/index-B_UvTX3E.js3.27 MB file, sampled 256 KB
NetworkChildProcessObfuscatedHighEntropyStringsMinifiedTelemetryUrlStringsgithub.comreact.devwww.w3.org
dist/studio/index.js2.08 MB file, sampled 256 KB
NetworkChildProcessHighEntropyStringsTelemetryUrlStringsus.i.posthog.comwww.w3.org

Source & flagged code

3 flagged · loading source
dist/studio/index.jsView file
path = dist/studio/index.js kind = oversized_source_file sizeBytes = 2179411 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/studio/index.jsView on unpkg
dist/cli.jsView file
path = dist/cli.js kind = oversized_cli_entrypoint sizeBytes = 9805169 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

dist/cli.jsView on unpkg
dist/hyperframes-slideshow.global.jsView file
matchType = previous_version_dangerous_delta matchedPackage = hyperframes@0.7.55 matchedIdentity = npm:aHlwZXJmcmFtZXM:0.7.55 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/hyperframes-slideshow.global.jsView on unpkg

Findings

2 High5 Medium6 Low
HighOversized Source Filedist/studio/index.js
HighPrevious Version Dangerous Deltadist/hyperframes-slideshow.global.js
MediumDynamic Require
MediumNetwork
MediumEnvironment Vars
MediumOversized Cli Entrypointdist/cli.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings