registry  /  remarque  /  1.0.2

remarque@1.0.2

Terminal code review for AI coding agents: PR-style review of your git diff, with comment threads the agent reads, fixes, and replies to.

AI Security Review

scanned 15h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `remarque skills add` or `remarque skills list`.
Impact
May modify selected coding-agent skill/config locations under the external installer's documented behavior.
Mechanism
Explicit agent-skill installation through `npx skills@1 add`.
Rationale
Source inspection supports an explicit, user-invoked agent-extension setup risk rather than malicious behavior. Warn because the delegated installer can alter agent skill/config surfaces; do not block because it is not automatic or covert.
Evidence
package.jsondist/skills.jsdist/git.jsdist/config.jsdist/store/json-backend.jsskills/remarque-review/SKILL.mdskills/remarque-address/SKILL.mdskills/remarque-rereview/SKILL.md

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `dist/skills.js` runs `npx --yes skills@1 add` on explicit `remarque skills` commands.
  • That command can install bundled agent skills, including global agent-targeted setup.
  • `dist/skills.js` uses `shell:true` only on Windows, with user-supplied trailing arguments.
Evidence against
  • `package.json` has no preinstall/install/postinstall hook; `prepare` only compiles TypeScript.
  • No HTTP, HTTPS, socket, credential harvesting, or exfiltration code found in `dist`.
  • `dist/git.js` invokes fixed `git` subcommands for local repository inspection.
  • `dist/config.js` and `dist/store/json-backend.js` only persist review configuration and JSON review state.
  • Bundled `skills/*/SKILL.md` files direct local review/comment workflows, not data transfer or payload execution.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 16 file(s), 91.9 KB of source

Source & flagged code

2 flagged · loading source
dist/git.jsView file
13exports.emptyTree = emptyTree; L14: const node_child_process_1 = require("node:child_process"); L15: class GitError extends Error {
High
Child Process

Package source references child process execution.

dist/git.jsView on unpkg · L13
dist/skills.jsView file
21const result = isWindows L22: ? (0, node_child_process_1.spawnSync)("npx", argv.map(quoteArg), { stdio: "inherit", shell: true }) L23: : (0, node_child_process_1.spawnSync)("npx", argv, { stdio: "inherit" }); ... L25: const err = result.error; L26: const hint = err.code === "ENOENT" ? " (is Node/npx installed and on your PATH?)" : ""; L27: process.stderr.write(`remarque: could not run npx${hint}: ${err.message}\n`);
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/skills.jsView on unpkg · L21

Findings

2 High1 Medium3 Low
HighChild Processdist/git.js
HighRuntime Package Installdist/skills.js
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem