registry  /  rivet-design  /  0.11.15

rivet-design@0.11.15

Local visual web development tool with AI-powered code modification

AI Security Review

scanned 15d ago · by lpm-firewall-ai

No confirmed malicious attack surface was found. The package has powerful user-invoked AI development, MCP, local config, telemetry, and network behavior aligned with its stated visual web development tool purpose.

Static reason
No blocking static signals were detected.
Trigger
User runs rivet CLI commands such as login, mcp, install/update harnesses, or starts the local server.
Impact
Expected project/config changes and network calls for an authenticated AI design tool; no evidence of credential harvesting, lifecycle execution, persistence, or covert exfiltration.
Mechanism
User-invoked local development server, auth storage, telemetry/feature flags, and AI agent orchestration.
Rationale
Static inspection shows package-aligned CLI/runtime behavior with no install-time execution beyond husky prepare and no covert credential harvesting or exfiltration. Dynamic import, network calls, token storage, child_process use, and MCP config writes are tied to explicit Rivet AI development workflows rather than unconsented package installation or import.
Evidence
package.jsonbin/rivet.jsdist/index.jsdist/config/proxy.jsdist/config/telemetry.jsdist/services/ConfigManager.jsdist/services/AuthService.jsdist/services/agent/AgentCore.jsdist/install/harnesses.js~/.rivet/config.json~/Library/Application Support/Claude/claude_desktop_config.json%APPDATA%/Claude/claude_desktop_config.json~/.config/Claude/claude_desktop_config.json
Network endpoints6
rivet-proxy.onrender.comrivet-core-production.up.railway.apprivet-prototype-host.onrender.comvdonwyzxpnsrihtrrvza.supabase.co/functions/v1/send-support-ticketrivet-proxy.onrender.com/ingestcursor.com/install-mcp

Decision evidence

public snapshot
AI called this Clean at 87.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no install/postinstall hook; prepare is husky and publish scripts are maintainer-only.
    • bin/rivet.js only sets NODE_ENV, redirects MCP logs, imports dist/index.js, and runs main on CLI invocation.
    • dist/config/proxy.js network hosts are Rivet service endpoints for auth, gateway, prototype hosting, support, and telemetry.
    • dist/services/ConfigManager.js stores Rivet auth tokens under ~/.rivet/config.json with mode 0600 for user-invoked login flows.
    • dist/install/harnesses.js writes MCP editor config only through explicit install/update harness commands, not at package install/import time.
    • dist/services/agent/AgentCore.js eval is used for dynamic ESM import of @anthropic-ai/claude-agent-sdk in the declared AI code-modification feature.
    Behavioral surface
    Source
    ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetwork
    Supply chain
    HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
    Manifest
    CopyleftLicense
    scanned 148 file(s), 3.39 MB of source, external domains: 127.0.0.1, cdn.jsdelivr.net, cdn.skypack.dev, cdnjs.cloudflare.com, claude.ai, cli.github.com, cursor.com, demo.rivet.design, esm.sh, getdesign.md, github.com, gsap.com, reactjs.org, releases.rivet.design, rivet-core-production.up.railway.app, rivet-prototype-host.onrender.com, rivet-proxy.onrender.com, rivet.design, rivet.local, unpkg.com, us.posthog.com, vdonwyzxpnsrihtrrvza.supabase.co, www.are.na, www.gstatic.com, www.pinterest.com, www.w3.org, yandex.com

    Source & flagged code

    3 flagged · loading source
    dist/services/agent/AgentCore.jsView file
    101// Use eval to prevent TypeScript from transforming to require() L102: const claudeSDK = await eval("import('@anthropic-ai/claude-agent-sdk')"); L103: // Wrap with Context Company observability when TCC_API_KEY is configured
    Low
    Eval

    Package source references a known benign dynamic code generation pattern.

    dist/services/agent/AgentCore.jsView on unpkg · L101
    bin/rivet.jsView file
    4L5: const fs = require('fs'); L6: const path = require('path');
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    bin/rivet.jsView on unpkg · L4
    src/ui/dist/fonts/Satoshi-VariableItalic.woff2View file
    path = src/ui/dist/fonts/Satoshi-VariableItalic.woff2 kind = high_entropy_blob sizeBytes = 43844 magicHex = [redacted]
    High
    Ships High Entropy Blob

    Package ships high-entropy non-source blobs.

    src/ui/dist/fonts/Satoshi-VariableItalic.woff2View on unpkg

    Findings

    1 High4 Medium9 Low
    HighShips High Entropy Blobsrc/ui/dist/fonts/Satoshi-VariableItalic.woff2
    MediumDynamic Requirebin/rivet.js
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowEvaldist/services/agent/AgentCore.js
    LowFilesystem
    LowObfuscated
    LowHigh Entropy Strings
    LowTelemetry
    LowUrl Strings
    LowCopyleft License