registry  /  srvx-nightly  /  0.11.19-20260702-103127-777f71d

srvx-nightly@0.11.19-20260702-103127-777f71d

Universal Server.

AI Security Review

scanned 11d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The risky primitives are runtime server/CLI features aligned with a universal server package.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs the srvx CLI or imports srvx adapters at runtime.
Impact
No hidden exfiltration, persistence, install-time execution, or destructive behavior identified.
Mechanism
user-invoked server startup, local entry loading, static serving, and curl-like fetch mode
Rationale
Static inspection shows a legitimate universal server/CLI implementation; dynamic imports, child process use, environment reads, and network fetch behavior are user-invoked and package-aligned. No install-time code, hardcoded exfiltration, credential harvesting, persistence, destructive action, or AI-agent control-surface mutation was found.
Evidence
package.jsonbin/srvx.mjsdist/cli.mjsdist/loader.mjsdist/static.mjsdist/adapters/node.mjsdist/adapters/bun.mjsdist/adapters/deno.mjsdist/adapters/cloudflare.mjsdist/adapters/service-worker.mjsdist/adapters/aws-lambda.mjsdist/adapters/bunny.mjsuser-selected server entry filesuser-selected static directory files.env.env.production.env.local
Network endpoints3
srvx.h3.devgithub.com/h3js/srvx/issuesgithub.com/unjs/jiti

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has bin entry and dev/prepack/release scripts, but no install/postinstall/prepare lifecycle hook.
    • bin/srvx.mjs only imports dist/cli.mjs and invokes main with docs/issues metadata.
    • dist/cli.mjs child_process.fork restarts the same srvx bin with watch/env-file/import args for serve mode.
    • dist/cli.mjs fetch mode uses user-supplied URL/path and headers; no hardcoded exfiltration endpoint.
    • dist/loader.mjs dynamic import loads explicit/discovered local server entry files as core package functionality.
    • Adapters implement server/runtime request handling and static file serving; no credential harvesting, persistence, or destructive writes found.
    Behavioral surface
    Source
    ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    Manifest
    WildcardDependency
    scanned 18 file(s), 82.0 KB of source, external domains: github.com, srvx.h3.dev

    Source & flagged code

    4 flagged · loading source
    dist/cli.mjsView file
    4import { fileURLToPath } from "node:url"; L5: import { fork } from "node:child_process"; L6: import { createReadStream, existsSync, statSync } from "node:fs";
    High
    Child Process

    Package source references child process execution.

    dist/cli.mjsView on unpkg · L4
    372async function forkCLI(args, runtimeArgs) { L373: const child = fork(fileURLToPath(globalThis.__SRVX_BIN__ || new URL("../bin/srvx.mjs", import.meta.url)), [...args], { execArgv: [...process.execArgv, ...runtimeArgs].filter(Boolea... L374: child.on("error", (error) => {
    High
    Shell

    Package source references shell execution.

    dist/cli.mjsView on unpkg · L372
    4Cross-file remote execution chain: dist/cli.mjs spawns dist/loader.mjs; helper contains network access plus dynamic code execution. L4: import { fileURLToPath } from "node:url"; L5: import { fork } from "node:child_process"; L6: import { createReadStream, existsSync, statSync } from "node:fs"; ... L11: try { L12: if (!process.env.NODE_ENV) process.env.NODE_ENV = cliOpts.prod ? "production" : "development"; L13: let server; ... L90: } L91: async function cliFetch(cliOpts) { L92: const stdin = cliOpts.stdin || process.stdin; L93: const stdout = cliOpts.stdout || process.stdout; L94: const stderr = cliOpts.stderr || process.stderr; ... L103: if (cliOpts.verbose && loaded.url) {
    High
    Cross File Remote Execution Context

    Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

    dist/cli.mjsView on unpkg · L4
    dist/loader.mjsView file
    41if (opts.interceptHttpListen !== false) { L42: const loaded = await interceptListen(() => import(url), opts); L43: mod = loaded.res;
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/loader.mjsView on unpkg · L41

    Findings

    3 High4 Medium4 Low
    HighChild Processdist/cli.mjs
    HighShelldist/cli.mjs
    HighCross File Remote Execution Contextdist/cli.mjs
    MediumDynamic Requiredist/loader.mjs
    MediumNetwork
    MediumEnvironment Vars
    MediumWildcard Dependency
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings