registry  /  systemview  /  2.2.0

systemview@2.2.0

A documentation and testing suite for SystemLynx

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malware behavior, but the CLI has a shell-injection vulnerability in browser opening. Other risky primitives are aligned with a SystemLynx testing UI and user-connected services.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
User runs systemview open with crafted project_code or namespace arguments.
Impact
Local command execution under the invoking user's account if arguments contain shell metacharacters.
Mechanism
unsanitized child_process.exec shell command construction
Rationale
Static inspection supports a warning for a real command injection vulnerability and globally disabled TLS verification, but not a publish block: behavior is CLI/user-triggered and package-aligned with no exfiltration or install-time attack chain. The scanner's malicious label overstates the evidence.
Evidence
package.jsoncli/index.jscli/openBrowser.jscli/cookieClient.jscli/connectService.jscli/manifest.jscli/probe.jscli/logs.jsapi/index.jsapi/Connections.jstesting-utilities/Test.class.jstesting-utilities/createMockFile.jssystemview.cookies.jsonsystemview.manifest.jsonapi/connections.jsonapi/cli-history.jsonsystemview-snapshot.ndjsonmock files named by mockFile(...) test args
Network endpoints3
localhost:3000localhost:3000/systemview/apiuser-supplied http(s) service URLs

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Critical Vulnerability with medium false-positive risk.
Evidence for warning
  • cli/openBrowser.js builds shell command with unsanitized project_code/namespace URL and passes it to child_process.exec.
  • cli/index.js disables TLS verification globally with NODE_TLS_REJECT_UNAUTHORIZED="0".
  • cli/probe.js and testing-utilities/Test.class.js invoke methods on user-connected SystemLynx services from manifest/UI data.
  • cookieClient.js persists captured cookies to process cwd systemview.cookies.json.
  • api/Connections.js ships and mutates api/connections.json service records.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks.
  • Network activity is local UI or explicit user-supplied service URLs for the package's testing/documentation CLI.
  • No credential harvesting, hardcoded exfiltration endpoint, persistence, destructive install behavior, or AI-agent control-surface mutation found.
  • Scanner eval/download finding is in bundled React app/library code; source inspection found no remote payload download-execute chain.
  • File writes are package-aligned state/snapshot/manifest/test helper outputs triggered by CLI/UI actions.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 32 file(s), 1.54 MB of source, external domains: atelierbram.github.io, chriskempson.com, clrs.cc, cscorley.github.io, ethanschoonover.com, fb.me, github.com, hart-dev.com, momentjs.com, railscasts.com, reactjs.org, sethawright.com, tybenz.com, www.monokai.nl, www.w3.org

Source & flagged code

5 flagged · loading source
cli/openBrowser.jsView file
1const { exec } = require("child_process"); L2: const resolveNamespace = require("./utils/resolveNamespace");
High
Child Process

Package source references child process execution.

cli/openBrowser.jsView on unpkg · L1
build/static/js/main.c7a05ef5.jsView file
1/*! For license information please see main.c7a05ef5.js.LICENSE.txt */ L2: (()=>{var e={3240(e){"use strict";var t=Object.prototype.hasOwnProperty,n=Object.prototype.toString,r=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=function(e){return"f... L3: //# sourceMappingURL=main.c7a05ef5.js.map
Critical
Download Execute

Source downloads or fetches remote code and executes it.

build/static/js/main.c7a05ef5.jsView on unpkg · L1
1/*! For license information please see main.c7a05ef5.js.LICENSE.txt */ L2: (()=>{var e={3240(e){"use strict";var t=Object.prototype.hasOwnProperty,n=Object.prototype.toString,r=Object.defineProperty,a=Object.getOwnPropertyDescriptor,o=function(e){return"f... L3: //# sourceMappingURL=main.c7a05ef5.js.map
High
Eval

Package source references dynamic code evaluation.

build/static/js/main.c7a05ef5.jsView on unpkg · L1
cli/cookieClient.jsView file
1const axios = require("axios").default; L2: const FormData = require("form-data");
Medium
Dynamic Require

Package source references dynamic require/import behavior.

cli/cookieClient.jsView on unpkg · L1
cli/index.jsView file
2Manifest entrypoint (manifest.bin) carries capability families absent from dist/build output: environment+network L2: L3: process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; L4: ... L24: const DEFAULT_PORT = 3000; L25: const VERSION = require("../package.json").version; L26: const UI_URL = `http://localhost:${DEFAULT_PORT}`; L27: L28: const MANIFEST_FILE = flags.manifest || path.join(process.cwd(), "systemview.manifest.json"); L29: const connectedUrls = new Set(); ... L33: try { L34: const manifest = JSON.parse(fs.readFileSync(MANIFEST_FILE, "utf8")); L35: const services = manifest.services || [manifest];
High
Entrypoint Build Divergence

Manifest entrypoint contains risky behavior absent from dist/build output.

cli/index.jsView on unpkg · L2

Findings

1 Critical3 High4 Medium6 Low
CriticalDownload Executebuild/static/js/main.c7a05ef5.js
HighChild Processcli/openBrowser.js
HighEvalbuild/static/js/main.c7a05ef5.js
HighEntrypoint Build Divergencecli/index.js
MediumDynamic Requirecli/cookieClient.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License