registry  /  remarque  /  1.0.0

remarque@1.0.0

Agent- and front-end-agnostic code-review engine: comment threads with stable anchoring over a CLI/JSON contract.

AI Security Review

scanned 17h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `remarque skills add` or related `remarque skills` command.
Impact
May modify coding-agent skill configuration through the delegated installer.
Mechanism
Explicit npx-based agent skill installer delegation
Rationale
Source inspection finds an explicit agent-skill installation path but no unconsented lifecycle execution, exfiltration, remote payload handling, or destructive behavior. Flag as a warning for the delegated agent-extension capability.
Evidence
package.jsondist/skills.jsdist/cli.jsdist/git.jsdist/config.jsskills/remarque-address/SKILL.mdskills/remarque-rereview/SKILL.mdskills/remarque-review/SKILL.md

Decision evidence

public snapshot
AI called this Suspicious at 89.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `dist/skills.js` runs `npx --yes skills@1 add`.
  • `dist/cli.js` exposes it as `remarque skills`.
  • The invoked installer can install bundled skills into coding agents.
Evidence against
  • `package.json` has no preinstall/install/postinstall hook.
  • Skill installation requires an explicit CLI subcommand.
  • `dist/git.js` only invokes fixed git commands for review operations.
  • No HTTP client, credential harvesting, eval, or payload download found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 16 file(s), 91.7 KB of source

Source & flagged code

2 flagged · loading source
dist/git.jsView file
13exports.emptyTree = emptyTree; L14: const node_child_process_1 = require("node:child_process"); L15: class GitError extends Error {
High
Child Process

Package source references child process execution.

dist/git.jsView on unpkg · L13
dist/skills.jsView file
8exports.handleSkills = handleSkills; L9: const node_child_process_1 = require("node:child_process"); L10: const node_path_1 = __importDefault(require("node:path")); ... L23: const err = result.error; L24: const hint = err.code === "ENOENT" ? " (is Node/npx installed and on your PATH?)" : ""; L25: process.stderr.write(`remarque: could not run npx${hint}: ${err.message}\n`);
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/skills.jsView on unpkg · L8

Findings

2 High1 Medium3 Low
HighChild Processdist/git.js
HighRuntime Package Installdist/skills.js
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem