AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious install-time behavior is present. The unresolved risk is explicit CLI-driven remote component fetching plus unescaped shell execution of remotely supplied dependency names.
Static reason
One or more suspicious static signals were detected.
Trigger
User runs `shrimps add <component>` or `shrimps init`.
Impact
Could write UI files and install dependencies; malicious remote registry dependency strings could become shell execution.
Mechanism
Runtime fetch/write plus package-manager execSync
Rationale
This is not malicious by source inspection because activation is explicit CLI use and there is no lifecycle hook, exfiltration, persistence, or stealth behavior. It merits a warning because remote registry data flows into shell execution without sanitization.
Evidence
package.jsonbin/index.jssrc/add.jssrc/fetch.jssrc/write.jssrc/components/ui/<name>.tsxcomponents/ui/<name>.tsxsrc/app/globals.cssapp/globals.css
Network endpoints1
raw.githubusercontent.com/Cyrexart/shrimps-cn/main/packages/ui
Decision evidence
public snapshotAI called this Suspicious at 86.0% confidence as Critical Vulnerability with medium false-positive risk.
Evidence for warning
- src/add.js builds package-manager shell commands from remote registry dependencies with deps.join(" ") and execSync.
- src/fetch.js fetches registry/components from raw.githubusercontent.com at runtime.
- src/write.js overwrites project component files and globals.css during explicit CLI commands.
Evidence against
- package.json has no preinstall/install/postinstall lifecycle hooks.
- bin/index.js only exposes user-invoked `add <component>` and `init` commands.
- No credential/env harvesting, persistence, destructive filesystem traversal, or exfiltration logic found.
- Network endpoint is package-aligned component registry content, not an unrelated collector.
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcesrc/add.jsView file
1import { execSync } from "child_process";
L2: import { fetchComponent } from "./fetch.js";
High
6try {
L7: execSync("pnpm --version", { stdio: "ignore" });
L8: return "pnpm";
...
L19: const cmd = {
L20: pnpm: `pnpm add ${deps.join(" ")}`,
L21: yarn: `yarn add ${deps.join(" ")}`,
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
src/add.jsView on unpkg · L6Findings
3 High1 Medium4 Low
HighChild Processsrc/add.js
HighShell
HighRuntime Package Installsrc/add.js
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License