registry  /  usrcp-github  /  0.2.2

usrcp-github@0.2.2

GitHub capture adapter for USRCP - polls the REST API for pull requests authored by the configured user and appends them to the local ledger

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a GitHub polling adapter that reads configured GitHub activity and writes local USRCP ledger/config state; the install hook rebuilds better-sqlite3 rather than planting code or collecting credentials.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
postinstall rebuild; user-invoked usrcp-github CLI/setup
Impact
Package-aligned collection of configured user's GitHub activity into local USRCP ledger
Mechanism
GitHub REST polling and local ledger capture
Rationale
Static source inspection found a lifecycle script, credential handling, network access, and child_process usage, but each is package-aligned: rebuilding a native dependency, storing an encrypted GitHub PAT, calling GitHub APIs, and launching setup only on an explicit CLI flag. No concrete unconsented persistence, exfiltration, remote code execution, or AI-agent control-surface mutation was found.
Evidence
package.jsondist/index.jsdist/config.jsdist/capture.jsdist/setup.jsnode_modules/better-sqlite3/buildnode_modules/usrcp-core/node_modules/better-sqlite3/buildnode_modules/usrcp-stream/node_modules/better-sqlite3/build~/.usrcp/github-config.json
Network endpoints2
api.github.comgithub.com/settings/tokens

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json has postinstall running fs.rmSync on better-sqlite3 build dirs then npm rebuild better-sqlite3
  • dist/index.js imports node:child_process but only execSyncs `usrcp setup --adapter=github` when CLI flag --reset-config is used
Evidence against
  • dist/index.js main is CLI-gated with require.main check; import does not start polling
  • dist/index.js uses Octokit to query GitHub PRs/issues/comments/reviews for configured github_login
  • dist/config.js stores github_token via usrcp-adapter-kit secret config and cursor fields
  • dist/capture.js appends GitHub activity into local ledger; no arbitrary shell, eval, or exfil endpoint found
  • dist/setup.js is an interactive setup wizard validating a user-provided PAT against api.github.com
  • No writes to AI-agent control surfaces, shell startup files, VCS hooks, or persistence locations found
Behavioral surface
Source
ChildProcessEnvironmentVars
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 49.1 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node -e "const fs=require(\"fs\"); for (const p of [\"node_modules/better-sqlite3/build\",\"node_modules/usrcp-core/node_modules/better-sqlite3/build\",\"node_modules/usrcp-stream/...
Critical
Red Install Lifecycle Script

Install-time lifecycle script matches a deterministic static-gate block pattern.

package.jsonView on unpkg
scripts.postinstall = node -e "const fs=require(\"fs\"); for (const p of [\"node_modules/better-sqlite3/build\",\"node_modules/usrcp-core/node_modules/better-sqlite3/build\",\"node_modules/usrcp-stream/...
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg

Findings

1 Critical1 High1 Medium2 Low
CriticalRed Install Lifecycle Scriptpackage.json
HighInstall Time Lifecycle Scriptspackage.json
MediumEnvironment Vars
LowScripts Present
LowUrl Strings