registry  /  rastack  /  0.0.39

rastack@0.0.39

AI Security Review

scanned 1d ago · by lpm-firewall-ai

No confirmed malicious attack surface. Shell, network, filesystem, and deployment actions are explicit user-invoked CLI features for local project generation, AWS deployment, schema retrieval, and self-update.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Explicit rastack CLI commands such as update, init, ci, deploy, seed, or schema generation.
Impact
Can modify the invoking project, update its own global installation, and deploy configured AWS resources only when the operator invokes those commands.
Mechanism
User-directed local tooling, package self-update, schema fetch, and AWS deployment orchestration.
Rationale
Static inspection shows a developer CLI with user-triggered command execution and deployment capabilities, but no install-time execution, hidden payload retrieval, credential exfiltration, persistence, or AI-agent control-surface mutation. Scanner signals correspond to documented local CLI, WASM, schema, and AWS deployment functionality.
Evidence
package.jsonruntime.tssrc/rastack.tssrc/rastack-update.tssrc/rastack-ci.tssrc/deploy/ci.tssrc/deploy/io.tssrc/rastack-init.tssrc/schema-fetch.tsprovider/wasm.tsprovider/warehouse.tssrc/rastack-bootstrap.ts

Decision evidence

public snapshot
AI called this Clean at 95.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no lifecycle hooks; install does not execute package code.
    • runtime.ts only re-exports library modules; no import-time mutation or network call.
    • src/rastack-update.ts runs npm only for explicit `rastack update` requests and uses execFileSync.
    • src/rastack-ci.ts and src/deploy/ci.ts perform AWS/curl deployment steps only through explicit CLI CI/deploy commands.
    • provider/wasm.ts dynamic import loads the package’s documented local WASM module, not a remote payload.
    • No source references to AI-agent configuration paths or credential harvesting/exfiltration were found.
    Behavioral surface
    Source
    ChildProcessDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 174 file(s), 732 KB of source, external domains: 127.0.0.1, www.w3.org

    Source & flagged code

    5 flagged · loading source
    dist/deploy/io.jsView file
    52exports.withPrompt = withPrompt; L53: const child_process_1 = require("child_process"); L54: const fs = __importStar(require("fs"));
    High
    Child Process

    Package source references child process execution.

    dist/deploy/io.jsView on unpkg · L52
    provider/wasm.tsView file
    12// eslint-disable-next-line no-new-func L13: new Function("s", "return import(s)") as any; L14:
    Low
    Eval

    Package source references a known benign dynamic code generation pattern.

    provider/wasm.tsView on unpkg · L12
    dist/rastack-compile.jsView file
    12Object.defineProperty(exports, "__esModule", { value: true }); L13: const compile_1 = require("./compile"); L14: const DEFAULT_RESOURCES = "resources";
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/rastack-compile.jsView on unpkg · L12
    src/rastack-update.tsView file
    14* prefix (`~/.rastack`, via the hosted installer). Updating re-runs L15: * `npm install -g rastack@<target>` against that SAME prefix — derived from where L16: * the running CLI lives — so it never scatters a second copy into npm's default ... L19: L20: import { execFileSync } from "child_process"; L21: import { readFileSync } from "fs";
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    src/rastack-update.tsView on unpkg · L14
    dist/rastack.jsView file
    matchType = previous_version_dangerous_delta matchedPackage = rastack@0.0.38 matchedIdentity = npm:cmFzdGFjaw:0.0.38 similarity = 0.950 summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/rastack.jsView on unpkg

    Findings

    1 Critical3 High4 Medium5 Low
    CriticalPrevious Version Dangerous Deltadist/rastack.js
    HighChild Processdist/deploy/io.js
    HighShell
    HighRuntime Package Installsrc/rastack-update.ts
    MediumDynamic Requiredist/rastack-compile.js
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowScripts Present
    LowEvalprovider/wasm.ts
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings