registry  /  starbridge-cli  /  1.1.1

starbridge-cli@1.1.1

StarBridge CLI tool for autonomous deployments

AI Security Review

scanned 2d ago · by lpm-firewall-ai

The package is a user-invoked CLI that bootstraps and runs a StarBridge server by downloading source from GitHub and executing package-manager/build commands. This creates remote-code-execution supply-chain risk but no confirmed malicious payload in the inspected npm package.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs starbridge start or starbridge setup; deploy/log commands contact the configured StarBridge API.
Impact
Remote GitHub content can be installed, built, and executed on the user's machine under explicit CLI commands.
Mechanism
runtime GitHub source download and local command execution
Rationale
This is not clean because the CLI executes remotely downloaded source and package-manager commands at runtime. It is not malicious under the policy because activation is explicit user command behavior, with no lifecycle hook abuse, credential exfiltration, destructive action, or foreign AI-agent control mutation found.
Evidence
package.jsondist/index.js~/.starbridge/server-source~/.starbridge/release.json~/.starbridge/server-source/.env~/.starbridge/config.json<server-source>/node_modules<server-source>/dev.db
Network endpoints4
api.github.com/repos/RickyFirmansyah27/star-brigde-agent/releases/latestgithub.com/RickyFirmansyah27/star-brigde-agent/archive/refs/heads/main.tar.gzlocalhost:3000127.0.0.1:<port>

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • dist/index.js downloads GitHub release/main tarball for RickyFirmansyah27/star-brigde-agent into ~/.starbridge/server-source.
  • dist/index.js extracts the downloaded tarball, replacing the cached server source directory.
  • dist/index.js runs npm install, npm run setup, npx turbo build/dev, npx prisma/tsx, and node scripts/start.js in the downloaded/project server tree.
  • dist/index.js setup prompts for GitHub/Trigger secrets and writes them to the server .env file.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks; bin is user-invoked starbridge CLI only.
  • No hardcoded credential theft or outbound exfiltration flow found; deploy/log requests use configured endpoint token for documented CLI actions.
  • Network use is GitHub source download plus localhost/configured StarBridge API calls aligned with an autonomous deployment CLI.
  • No foreign AI-agent control surface mutation, persistence, destructive filesystem behavior, eval/vm, or native binary loading found.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
MinifiedUrlStrings
Manifest
NoLicense
scanned 1 file(s), 15.5 KB of source, external domains: 127.0.0.1, api.github.com, github.com

Source & flagged code

4 flagged · loading source
dist/index.jsView file
1#!/usr/bin/env node L2: "use strict";var me=Object.create;var M=Object.defineProperty;var he=Object.getOwnPropertyDescriptor;var ye=Object.getOwnPropertyNames;var Se=Object.getPrototypeOf,be=Object.protot... L3: `),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"})}function g(t,e){return t==="running"?p.default.green(` \u25CF ${e}`):t==="error"?p.default.red...
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L1
1#!/usr/bin/env node L2: "use strict";var me=Object.create;var M=Object.defineProperty;var he=Object.getOwnPropertyDescriptor;var ye=Object.getOwnPropertyNames;var Se=Object.getPrototypeOf,be=Object.protot... L3: `),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"})}function g(t,e){return t==="running"?p.default.green(` \u25CF ${e}`):t==="error"?p.default.red... L4: `))),o){let r=y.join(e,"dev.db");if(!h.existsSync(r)){console.log(g("pending","Database not found. Running auto-setup..."));try{(0,E.execSync)("npx prisma db push",{cwd:y.join(e,"p... L5: `),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"}))}async function se(){try{await N(te)}catch(r){console.error(te("error","Failed to fetch server ...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/index.jsView on unpkg · L1
1#!/usr/bin/env node L2: "use strict";var me=Object.create;var M=Object.defineProperty;var he=Object.getOwnPropertyDescriptor;var ye=Object.getOwnPropertyNames;var Se=Object.getPrototypeOf,be=Object.protot... L3: `),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"})}function g(t,e){return t==="running"?p.default.green(` \u25CF ${e}`):t==="error"?p.default.red... L4: `))),o){let r=y.join(e,"dev.db");if(!h.existsSync(r)){console.log(g("pending","Database not found. Running auto-setup..."));try{(0,E.execSync)("npx prisma db push",{cwd:y.join(e,"p... L5: `),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"}))}async function se(){try{await N(te)}catch(r){console.error(te("error","Failed to fetch server ...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.jsView on unpkg · L1
3`),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"})}function g(t,e){return t==="running"?p.default.green(` \u25CF ${e}`):t==="error"?p.default.red... L4: `))),o){let r=y.join(e,"dev.db");if(!h.existsSync(r)){console.log(g("pending","Database not found. Running auto-setup..."));try{(0,E.execSync)("npx prisma db push",{cwd:y.join(e,"p... L5: `),{padding:{top:1,bottom:1,left:2,right:2},borderColor:"cyan",borderStyle:"round"}))}async function se(){try{await N(te)}catch(r){console.error(te("error","Failed to fetch server ...
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/index.jsView on unpkg · L3

Findings

4 High2 Medium4 Low
HighChild Processdist/index.js
HighSame File Env Network Executiondist/index.js
HighCommand Output Exfiltrationdist/index.js
HighRuntime Package Installdist/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License