registry  /  target-supabase-sdk  /  0.2.3

target-supabase-sdk@0.2.3

Supabase client initializer and data access APIs

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The Node worker API can execute ESM supplied by records in the consumer's configured Supabase project. This is a dangerous remote task-extension capability, not install-time execution.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
A consumer initializes Supabase and invokes the Repo/Task worker flow that resolves a remote task type.
Impact
A party able to modify the configured Supabase Repo/script records can obtain arbitrary code execution in the worker process.
Mechanism
Fetch remote script metadata, write inline ESM to temp storage, then dynamically import it.
Rationale
The package intentionally documents remote Repo script loading for Node workers, but source inspection confirms that untrusted-at-runtime database content can become executable code. There is no installation-time or stealthy malicious chain, so this warrants a warning rather than a block.
Evidence
package.jsonsrc/repo/repo-manager.tssrc/repo/repo.script-loader.tssrc/task/task-repo-context.tssrc/node/process/process-spawn.tsREADME.md/tmp/target-supabase-sdk/repo-scripts/<taskType>@<loadKey>-<hash>.mjs

Decision evidence

public snapshot
AI called this Suspicious at 93.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `src/repo/repo.script-loader.ts` writes database-provided ESM source to `/tmp/target-supabase-sdk/repo-scripts` and imports it.
  • `src/repo/repo.script-loader.ts` dynamically imports a configured `Repo.details.url`, including URL schemes.
  • `src/repo/repo-manager.ts` fetches remote repo and script records from the configured Supabase project before loading them.
  • `src/node/process/process-spawn.ts` can launch Node child processes for user-configured worker entries.
Evidence against
  • `package.json` has no `preinstall`, `install`, or `postinstall` hook.
  • Default browser entry is separate; Node-only loader functionality is exposed through `/node`.
  • Remote loading occurs only through the explicit Repo/Task worker path after Supabase initialization.
  • No hard-coded network host, credential harvesting, foreign agent-config mutation, or destructive package behavior was found.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 105 file(s), 628 KB of source

Source & flagged code

2 flagged · loading source
dist/node.jsView file
matchType = previous_version_dangerous_delta matchedPackage = target-supabase-sdk@0.2.2 matchedIdentity = npm:dGFyZ2V0LXN1cGFiYXNlLXNkaw:0.2.2 similarity = 0.932 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/node.jsView on unpkg
919} L920: /** `file://` href for Node dynamic `import()` of a local module. */ L921: function toFileImportHref(filePath) {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/node.jsView on unpkg · L919

Findings

1 High3 Medium3 Low
HighPrevious Version Dangerous Deltadist/node.js
MediumDynamic Requiredist/node.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings