registry  /  usrcp-core  /  0.2.0

usrcp-core@0.2.0

Framework-agnostic USRCP core — encrypted ledger, crypto, pairing, identity rotation, and scope enforcement. No MCP server, no CLI.

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface. Install-time native dependency rebuild is present but scoped to better-sqlite3; runtime file and network behavior is package-aligned encrypted ledger, pairing, and identity rotation functionality.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
npm install runs postinstall; runtime APIs run only when imported functions/classes are called
Impact
Local ~/.usrcp key/ledger files may be created or updated by explicit runtime use; pairing/rotation may contact caller-provided endpoints.
Mechanism
native dependency rebuild plus user-invoked encrypted ledger/pairing operations
Rationale
Static source inspection shows suspicious primitives are aligned with a crypto/SQLite ledger package: install rebuilds a declared native dependency, and runtime network/file operations require explicit API calls and caller-provided endpoints. I found no concrete unconsented exfiltration, persistence, destructive behavior, or AI-agent control-surface mutation.
Evidence
package.jsondist/index.jsdist/encryption.jsdist/crypto.jsdist/pair.jsdist/rotate-identity.jsdist/ledger/core.jsdist/ledger/keys.jsnode_modules/better-sqlite3/build~/.usrcp/users/<slug>/keys/*~/.usrcp/users/<slug>/ledger.db~/.usrcp/MIGRATED.md
Network endpoints5
opts.endpoint/v1/pairing/initopts.endpoint/v1/pairing/claim/{code}opts.endpoint/v1/pairing/listopts.endpoint/v1/pairing/{code}opts.endpoint/v1/rotate-identity

Decision evidence

public snapshot
AI called this Clean at 88.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json has postinstall that removes node_modules/better-sqlite3/build and runs npm rebuild better-sqlite3.
  • dist/pair.js and dist/rotate-identity.js make user-invoked fetch calls to caller-provided opts.endpoint paths.
Evidence against
  • dist/index.js only re-exports package modules; no import-time exfiltration or shell execution found.
  • postinstall action is scoped to rebuilding declared dependency better-sqlite3, not arbitrary files or network endpoints.
  • dist/encryption.js, dist/crypto.js, and dist/ledger/* implement local encrypted ledger/key storage under ~/.usrcp.
  • No hardcoded exfiltration host, credential harvesting loop, eval/vm/Function, or child_process use found.
  • Network use is package-aligned pairing/identity API calls requiring caller-supplied endpoint and invocation.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 17 file(s), 212 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node -e "const fs=require('fs'); for (const p of ['node_modules/better-sqlite3/build']) fs.rmSync(p,{recursive:true,force:true})" && npm rebuild better-sqlite3
Critical
Red Install Lifecycle Script

Install-time lifecycle script matches a deterministic static-gate block pattern.

package.jsonView on unpkg
scripts.postinstall = node -e "const fs=require('fs'); for (const p of ['node_modules/better-sqlite3/build']) fs.rmSync(p,{recursive:true,force:true})" && npm rebuild better-sqlite3
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg

Findings

1 Critical1 High1 Medium3 Low
CriticalRed Install Lifecycle Scriptpackage.json
HighInstall Time Lifecycle Scriptspackage.json
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings