registry  /  telodocs  /  0.3.0

telodocs@0.3.0

Documentation MCP server and docs site — content in docs/, telodocs runs the rest

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The flagged child-process use runs bundled ripgrep for documentation search or user-invoked local CLI/server commands.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Explicit telodocs new, dev, or start command; MCP requests to a running local server.
Impact
No source evidence of credential harvesting, exfiltration, remote payload execution, or AI-agent configuration mutation.
Mechanism
Local documentation scaffolding, serving, and docs-directory search.
Rationale
Static hints map to legitimate package behavior: an explicit documentation CLI and MCP server. Source inspection found no install-time execution or concrete malicious chain.
Evidence
package.jsondist/cli/index.jsdist/cli/commands/new.jsdist/cli/commands/serve.jsdist/server/search/search.service.jsdist/server/mcp/mcp.service.jstemplate/**docs/**.env.git/**

Decision evidence

public snapshot
AI called this Clean at 97.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has only prepublishOnly; no install lifecycle hook.
    • dist/cli/index.js only registers explicit new/dev/start commands.
    • dist/cli/commands/serve.js spawns local server commands only after user invokes dev/start.
    • dist/server/search/search.service.js confines reads/searches to configured docsDir.
    • No outbound HTTP/network client imports found in inspected server/CLI code.
    • dist/cli/commands/new.js writes only an explicit user-requested scaffold and optionally initializes its git repo.
    Behavioral surface
    Source
    ChildProcessCryptoEnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsMinifiedUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 52 file(s), 383 KB of source, external domains: react.dev, www.w3.org

    Source & flagged code

    3 flagged · loading source
    dist/server/search/search.service.jsView file
    matchType = previous_version_dangerous_delta matchedPackage = telodocs@0.2.2 matchedIdentity = npm:dGVsb2RvY3M:0.2.2 similarity = 0.846 summary = stored previous version shares package body but lacks this dangerous source file
    Critical
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/server/search/search.service.jsView on unpkg
    23const fast_glob_1 = __importDefault(require("fast-glob")); L24: const node_child_process_1 = require("node:child_process"); L25: const config_schema_1 = require("../core/config/config.schema");
    High
    Child Process

    Package source references child process execution.

    dist/server/search/search.service.jsView on unpkg · L23
    dist/cli/commands/serve.jsView file
    20const entry = resolveServerEntry(packageRoot); L21: const child = (0, node_child_process_1.spawn)(process.platform === "win32" ? "npx.cmd" : "npx", ["tsx", "watch", entry], { L22: cwd: process.cwd(),
    High
    Runtime Package Install

    Package source invokes a package manager install command at runtime.

    dist/cli/commands/serve.jsView on unpkg · L20

    Findings

    1 Critical2 High3 Medium5 Low
    CriticalPrevious Version Dangerous Deltadist/server/search/search.service.js
    HighChild Processdist/server/search/search.service.js
    HighRuntime Package Installdist/cli/commands/serve.js
    MediumNetwork
    MediumEnvironment Vars
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings