registry  /  syrax-audit  /  1.0.6

syrax-audit@1.0.6

Herramienta CLI oficial de Syrax para auditar tu código y obtener prompts de reparación de IA.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `syrax-audit` interactively and confirms Husky or Premium autofix options.
Impact
Can modify the current project and cause a selected local AI agent to act on server-provided audit prompts.
Mechanism
Opt-in project-hook and AI-agent automation with remote HTML analysis.
Rationale
No unconsented lifecycle execution or concrete malicious chain is present. The explicit autofix and agent-control behavior warrants a warning because remote audit results can influence local agent actions.
Evidence
package.jsonbin/index.js.envindex.htmldist/index.htmlpublic/index.html.svelte-kit/output/client/index.html.husky/pre-commit.husky/pre-pushsyrax-report.json.cursorrules
Network endpoints2
syrax-analyzer.moisesvalero.es/api/web-audit/cli-analyzelocalhost:5173

Decision evidence

public snapshot
AI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `bin/index.js` uploads audited local HTML and an optional API key to the Syrax API.
  • Interactive premium autofix writes `.cursorrules` that directs Cursor to run `npx syrax-audit --ci`.
  • User-confirmed autofix invokes Claude Code or Antigravity through `execSync`.
  • User-confirmed Husky setup installs Husky and writes a pre-commit or pre-push hook.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
  • All project mutation paths require interactive opt-in; CI mode skips setup prompts.
  • No credential harvesting beyond `SYRAX_API_KEY`, and no unrelated exfiltration endpoint is present.
  • No obfuscation, remote payload loading, destructive deletion, or stealth persistence was found.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 16.2 KB of source, external domains: syrax-analyzer.moisesvalero.es

Source & flagged code

3 flagged · loading source
bin/index.jsView file
4import path from 'path'; L5: import { execSync } from 'child_process'; L6: import prompts from 'prompts';
High
Child Process

Package source references child process execution.

bin/index.jsView on unpkg · L4
139launchedProcess = spawn(`${packageManager} run dev`, [], { L140: shell: true, L141: stdio: 'pipe'
High
Shell

Package source references shell execution.

bin/index.jsView on unpkg · L139
322const installCmd = L323: packageManager === 'pnpm' ? 'pnpm add -D husky' : 'npm install --save-dev husky'; L324: execSync(installCmd, { stdio: 'ignore' }); L325: execSync('npx husky init', { stdio: 'ignore' });
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/index.jsView on unpkg · L322

Findings

3 High2 Medium3 Low
HighChild Processbin/index.js
HighShellbin/index.js
HighRuntime Package Installbin/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings