AI called this Suspicious at 89.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `scaffold/.github/workflows/docs.yml` invokes a remote reusable workflow at `@main` with `secrets: inherit`.
- `dist-cli/cli.js` copies that workflow into the consumer project during explicit `trickfire-docs init`.
- The remote workflow source is not included, so inherited CI secrets could be consumed after a consumer push.
Evidence against
- `package.json` has no npm `preinstall`, `install`, or `postinstall` hook.
- `dist-cli/cli.js` runs only after explicit `dev`, `build`, or `init` CLI commands.
- No credential harvesting, HTTP client, shell execution, eval, or payload download appears in package source.
- CLI file writes are documentation scaffolding/build artifacts under the invoked project.
Behavioral surface
SourceChildProcessDynamicRequireFilesystemShell
Supply chainHighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 14.5 KB of source, external domains: docs.trickfirerobotics.com, fonts.googleapis.com, github.com, www.notion.so