registry  /  univer-cli  /  0.3.2

univer-cli@0.3.2

Command-line tools for local Univer workbook automation.

AI Security Review

scanned 20m ago · by lpm-firewall-ai

No confirmed malicious attack surface. The install hook performs package-aligned telemetry only; the source-defined payload does not include credentials, files, or executable remote content.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
npm postinstall or first explicit invocation of a Univer CLI binary
Impact
Sends install/open and runtime metadata to the configured Univer endpoint.
Mechanism
Detached one-time telemetry POST with local anonymous state
Rationale
The lifecycle hook is privacy-relevant and obfuscated, but direct source inspection shows a bounded package-owned telemetry implementation rather than credential theft, remote payload execution, destructive behavior, or control-surface mutation.
Evidence
package.jsoninternal/product-telemetry.jsinternal/product-telemetry.jsonbin/univer.jsbin/univer-lite.jsbin/univer-sac.js~/.univer/telemetry/state.json
Network endpoints1
univer.ai/api/telemetry/cli

Decision evidence

public snapshot
AI called this Clean at 88.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • `package.json` runs obfuscated `internal/product-telemetry.js` at `postinstall`.
  • Telemetry starts a detached worker and POSTs automatically to `https://univer.ai/api/telemetry/cli`.
  • It persists a random install ID and event state under `~/.univer/telemetry/state.json`.
Evidence against
  • `internal/product-telemetry.js` constructs a fixed telemetry payload: anonymous ID, event, package/build/runtime metadata.
  • No credential, project-file, shell-command, remote-code, or AI-agent-control-surface collection appears in the inspected telemetry source.
  • `bin/univer*.js` only launch the same one-time telemetry path before importing the package CLI.
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 182 file(s), 7.90 MB of source, external domains: 127.0.0.1, example.com, github.com, redi.wzhu.dev, univer.ai
Oversized source lightweight scan
chunks/vendor-COck-QwK.js11.6 MB file, sampled 256 KB
FilesystemMinified
render-runtime/assets/index-BDdLIBKr.js18.1 MB file, sampled 256 KB
NetworkChildProcessDynamicRequireHighEntropyStringsMinifiedUrlStringsredi.wzhu.dev
view/assets/vendor-DoabQ6r1.js23.0 MB file, sampled 256 KB
ChildProcessMinifiedUrlStringsredi.wzhu.dev

Source & flagged code

10 flagged · loading source
package.jsonView file
scripts.postinstall = node ./internal/product-telemetry.js postinstall
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node ./internal/product-telemetry.js postinstall
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
bin/univer.jsView file
4import { dirname, join, resolve } from "node:path"; L5: import { spawn } from "node:child_process"; L6: import { fileURLToPath } from "node:url";
High
Child Process

Package source references child process execution.

bin/univer.jsView on unpkg · L4
4Cross-file remote execution chain: bin/univer.js spawns internal/product-telemetry.js; helper contains network access plus dynamic code execution. L4: import { dirname, join, resolve } from "node:path"; L5: import { spawn } from "node:child_process"; L6: import { fileURLToPath } from "node:url"; ... L10: if (manager === "bun") { L11: process.env.UNIVER_MANAGED_BY_BUN = "1"; L12: delete process.env.UNIVER_MANAGED_BY_NPM; ... L20: const { runPublicCli } = await import("../internal/cli.js"); L21: process.exitCode = await runPublicCli({ L22: args: process.argv.slice(2), ... L50: const configPath = resolve(dirname(telemetryEntry), "product-telemetry.json"); L51: const config = JSON.parse(readFileSync(configPath, "utf8")); L52: return typeof config.endpoint === "string" && config.endpoint.trim().length > 0;
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

bin/univer.jsView on unpkg · L4
chunks/build-id-DLcSEx-D.jsView file
1(function(_0x24ff03,_0x32395e){const _0xc65257=_0x2695,_0x488c2c=_0x24ff03();while(!![]){try{const _0x5dfded=parseInt(_0xc65257(0x1c3))/0x1*(parseInt(_0xc65257(0x1c1))/0x2)+-parseI...
Low
Weak Crypto

Package source references weak cryptographic algorithms.

chunks/build-id-DLcSEx-D.jsView on unpkg · L1
internal/product-telemetry.jsView file
1#!/usr/bin/env node L2: const _0x23c586=_0x10ec;(function(_0x3ebab9,_0x2ab847){const _0x30e620=_0x10ec,_0x36c6b4=_0x3ebab9();while(!![]){try{const _0x53c3a6=-parseInt(_0x30e620(0xc5))/0x1*(-parseInt(_0x30...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

internal/product-telemetry.jsView on unpkg · L1
1#!/usr/bin/env node L2: const _0x23c586=_0x10ec;(function(_0x3ebab9,_0x2ab847){const _0x30e620=_0x10ec,_0x36c6b4=_0x3ebab9();while(!![]){try{const _0x53c3a6=-parseInt(_0x30e620(0xc5))/0x1*(-parseInt(_0x30...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

internal/product-telemetry.jsView on unpkg · L1
view/assets/vendor-GhUuOKHB.css.gzView file
path = view/assets/vendor-GhUuOKHB.css.gz kind = high_entropy_blob sizeBytes = 19522 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

view/assets/vendor-GhUuOKHB.css.gzView on unpkg
path = view/assets/vendor-GhUuOKHB.css.gz kind = compressed_blob sizeBytes = 19522 magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

view/assets/vendor-GhUuOKHB.css.gzView on unpkg
chunks/vendor-COck-QwK.jsView file
path = chunks/vendor-COck-QwK.js kind = oversized_source_file sizeBytes = 12128716 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

chunks/vendor-COck-QwK.jsView on unpkg

Findings

9 High6 Medium6 Low
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processbin/univer.js
HighShell
HighSame File Env Network Executioninternal/product-telemetry.js
HighObfuscated Payload Loaderinternal/product-telemetry.js
HighCross File Remote Execution Contextbin/univer.js
HighObfuscated
HighShips High Entropy Blobview/assets/vendor-GhUuOKHB.css.gz
HighOversized Source Filechunks/vendor-COck-QwK.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Require
MediumNetwork
MediumEnvironment Vars
MediumShips Compressed Blobview/assets/vendor-GhUuOKHB.css.gz
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptochunks/build-id-DLcSEx-D.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License