registry  /  syrax-audit  /  1.0.9

syrax-audit@1.0.9

Herramienta CLI oficial de Syrax para auditar tu código y obtener prompts de reparación de IA.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
Run `syrax-audit`; additional mutations require interactive confirmations and Premium autofix/agent selection.
Impact
A user who accepts prompts may expose audited HTML to the service and allow server-provided prompts to influence an external coding agent.
Mechanism
Remote HTML audit plus opt-in project hook and AI-agent configuration/execution.
Rationale
No concrete malicious chain or unconsented lifecycle mutation was found. The explicit AI-agent configuration and external-agent execution are nevertheless a meaningful dangerous capability that warrants a warning.
Evidence
package.jsonbin/index.js.env.husky/pre-commit.husky/pre-pushsyrax-report.json.cursorrulesindex.htmldist/index.htmlpublic/index.html.svelte-kit/output/client/index.html
Network endpoints2
syrax-analyzer.moisesvalero.es/api/web-audit/cli-analyzelocalhost:5173

Decision evidence

public snapshot
AI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `bin/index.js` posts audited local HTML and optional bearer API key to Syrax.
  • `bin/index.js` writes `.cursorrules` instructing AI agents to prioritize server-supplied repair prompts.
  • Interactive Premium autofix can run Claude Code via `npx` or Antigravity CLI.
  • Interactive hook setup installs Husky and writes executable project Git hooks.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
  • All mutation paths require a user-run CLI plus interactive confirmation/agent selection.
  • Network use matches the declared web-audit function and targets a fixed Syrax API by default.
  • No obfuscation, payload download, credential harvesting beyond `SYRAX_API_KEY`, or destructive file logic found.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 18.5 KB of source, external domains: syrax-analyzer.moisesvalero.es

Source & flagged code

3 flagged · loading source
bin/index.jsView file
4import path from 'path'; L5: import { execSync } from 'child_process'; L6: import prompts from 'prompts';
High
Child Process

Package source references child process execution.

bin/index.jsView on unpkg · L4
153launchedProcess = spawn(`${packageManager} run dev`, [], { L154: shell: true, L155: stdio: 'pipe'
High
Shell

Package source references shell execution.

bin/index.jsView on unpkg · L153
337const installCmd = L338: packageManager === 'pnpm' ? 'pnpm add -D husky' : 'npm install --save-dev husky'; L339: execSync(installCmd, { stdio: 'ignore' }); L340: execSync('npx husky init', { stdio: 'ignore' });
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/index.jsView on unpkg · L337

Findings

3 High2 Medium3 Low
HighChild Processbin/index.js
HighShellbin/index.js
HighRuntime Package Installbin/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings