
startx@1.1.32

> Scaffold a production-ready TypeScript monorepo in minutes.

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface. Risky primitives are tied to explicit scaffold/AI-tool functionality and require user invocation, not install or import execution.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs startx CLI commands or imports/uses the bundled aix library tools.
Impact
Can create or modify project files as requested by CLI workflow; no unauthorized data theft or persistence identified.
Mechanism
Project scaffolding plus user-directed AI/provider tooling
Rationale
Static inspection shows a monorepo scaffolding CLI with bundled templates and AI helper libraries; the dangerous primitives are package-aligned and user-invoked. There is no lifecycle hook, import-time execution, credential harvesting, exfiltration, persistence, or hidden payload behavior supporting a malicious verdict.
Evidence
  • package.json
  • apps/startx-cli/src/index.ts
  • apps/startx-cli/src/commands/init.ts
  • apps/startx-cli/src/commands/package.ts
  • apps/startx-cli/src/utils/cli-utils.ts
  • packages/aix/src/tools/system/index.ts
  • packages/aix/src/providers/providers.ts
  • apps/cli/src/commands/common/hashing.ts
  • user-selected workspace package.json
  • user-selected workspace pnpm-workspace.yaml
  • user-selected workspace template files
Network endpoints (5)
  • api.anthropic.com/v1
  • api.groq.com/openai/v1
  • api.cerebras.ai/v1/
  • geocoding-api.open-meteo.com/v1/search
  • api.open-meteo.com/v1/forecast

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • apps/startx-cli/src/commands/package.ts can write files and optionally spawn package-manager install after user CLI prompts
  • packages/aix/src/tools/system/index.ts exposes user-invoked VM JavaScript tools inside bundled AI framework
  • packages/aix/src/providers/providers.ts contains AI provider endpoints for anthropic/groq/cerebras
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks
  • package.json bin only points to apps/startx-cli/dist/index.mjs CLI
  • apps/startx-cli/src/index.ts only registers ping/init/package commands; no import-time payload
  • apps/startx-cli/src/commands/init.ts and package.ts implement scaffolding/copying selected templates into a user-chosen workspace
  • No credential harvesting, persistence, destructive import-time behavior, or exfiltration found
  • apps/cli/src/commands/common/hashing.ts only hashes/compares user-supplied strings locally
Behavioral surface
Source
ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Eval, Filesystem, Network, Shell
Supply chain
HighEntropyStrings, Minified, Protestware, UrlStrings
Manifest
No manifest risk signals triggered.
scanned 259 file(s), 1.20 MB of source, external domains: api.anthropic.com, api.cerebras.ai, api.groq.com, api.open-meteo.com, app.com, dotenvx.com, fonts.googleapis.com, fonts.gstatic.com, geocoding-api.open-meteo.com, github.com, json-schema.org

Source & flagged code

6 flagged
apps/cli/src/commands/common/hashing.ts
L27: patternName = generic_password severity = medium line = 27 matchedText = logger.i..."`);
Medium
Secret Pattern

Package contains a possible secret pattern.

apps/cli/src/commands/common/hashing.ts · L27
packages/aix/src/lib/convertor/variable-resolver.ts
L129: if (v.type === "fn") {
L130: parsed = eval(`(function() {
L131: return (function() {
Low
Eval

Package source references a known benign dynamic code generation pattern.

packages/aix/src/lib/convertor/variable-resolver.ts · L129
apps/startx-cli/dist/index.mjs
L177: contains invisible/control Unicode U+FEFF (zero width no-break space) `};delete e.items,Object.assign(e,{type:n,source:t,end:[r]});break}default:{let r=`indent`in e?e.indent:-1,i=`end`in e&&Array.isArray(e.end)?e.end.filter(e=>e.type===`space`||e.type===`comment`||e.type===`newline`):[];for(let t of Object.ke
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

apps/startx-cli/dist/index.mjs · L177
Trigger-reachable chain: manifest.bin -> apps/startx-cli/dist/index.mjs
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

apps/startx-cli/dist/index.mjs
L61: `)[0]}\n`),Error.captureStackTrace(this,e)}};t.exports=e=>{if(e.length>2)throw new n(e);function t(e={}){this.options=e}t.prototype.transform=e;function r(e){return new t(e)}return...
L62: `)!=-1,a=this._styles,s=a.length;s--;){var c=i[a[s]];e=c.open+e.replace(c.closeRe,c.open)+c.close,t&&(e=e.replace(o,function(e){return c.close+e+c.open}))}return e}n.setTheme=funct...
L63: `));return!0}t.exports=(...e)=>{let t=n(r(e)),i=t();return i.Format=t.Format,i},t.exports.cascade=r})),vg=v(((e,t)=>{let{hasOwnProperty:n}=Object.prototype,r=_();r.configure=_,r.st...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

apps/startx-cli/dist/index.mjs · L61
packages/aix/src/tools/system/index.ts
L233: try {
L234: contextValue = JSON.parse(contextValue);
L235: } catch {
Medium
Unsafe Vm Context

Package source executes code through a VM context API.

packages/aix/src/tools/system/index.ts · L233

Findings

2 Critical · 7 Medium · 5 Low
  • Critical · Trojan Source Unicode · apps/startx-cli/dist/index.mjs
  • Critical · Trigger Reachable Dangerous Capability · apps/startx-cli/dist/index.mjs
  • Medium · Secret Pattern · apps/cli/src/commands/common/hashing.ts
  • Medium · Dynamic Require · apps/startx-cli/dist/index.mjs
  • Medium · Unsafe Vm Context · packages/aix/src/tools/system/index.ts
  • Medium · Network
  • Medium · Environment Vars
  • Medium · Protestware
  • Medium · Structural Risk Force Deep Review
  • Low · Scripts Present
  • Low · Eval · packages/aix/src/lib/convertor/variable-resolver.ts
  • Low · Filesystem
  • Low · High Entropy Strings
  • Low · Url Strings