registry  /  youmindag  /  1.0.3

youmindag@1.0.3

🧠 Inyecta inteligencia de contexto a cualquier proyecto. Una línea y tu AI coding tool entiende toda la arquitectura.

AI Security Review

scanned 6d ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The package is a user-invoked AI-context scaffolder that installs OpenCode/AGENTS.md guidance into the current project. This creates a first-party agent-extension lifecycle risk, but no confirmed malicious chain was found.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Explicit CLI execution via `youmindag` or `npx youmindag` in a target project directory.
Impact
May alter local AI-agent behavior and install/run Graphify in the target project; no evidence of exfiltration, stealth persistence, destructive behavior, or install-time control-surface hijack.
Mechanism
Agent-context scaffolding plus runtime Graphify install/execution
Rationale
Source inspection supports a warning for first-party agent extension setup and runtime package-manager use, not a publish block. The risky primitives are visible, package-aligned, and user-invoked, with no concrete malicious payload or exfiltration path found.
Evidence
package.jsonbin/run.mjstemplate/.opencode/opencode.jsontemplate/.opencode/plugins/context-loader.jstemplate/.opencode/skills/context-loader.yamltemplate/AGENTS.mdtemplate/scripts/load-context.mjstarget boveda/target .opencode/target .opencode/opencode.jsontarget .opencode/plugins/context-loader.jstarget .opencode/context-map.yamltarget scripts/target AGENTS.mdtarget AGENTS.md.baktarget .gitignoretarget .graphify/graph.jsontarget graphify-visual/studio.html
Network endpoints2
github.com/CESARBR2025/youmindag.gitnpm registry implicit via `npm install @sentropic/graphify`

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `bin/run.mjs` explicitly copies `template/.opencode` into the target project and overwrites `AGENTS.md` after backing it up.
  • `template/.opencode/opencode.json` registers `.opencode/plugins/context-loader.js` as an OpenCode plugin.
  • `template/.opencode/plugins/context-loader.js` hooks `tool.execute.before`, runs `node scripts/load-context.mjs <task>`, and prepends context output to tool commands.
  • `bin/run.mjs` runs `npm install @sentropic/graphify` and several `npx graphify ...` commands during CLI execution.
Evidence against
  • `package.json` has no preinstall/install/postinstall lifecycle scripts.
  • Behavior is activated by explicit `youmindag`/`npx youmindag` CLI use, not package install or import.
  • No credential harvesting, hardcoded exfiltration endpoint, obfuscated payload, remote payload download, persistence, or destructive file deletion found.
  • Network use is limited to npm package-manager/Graphify commands and the repository URL in metadata.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 18.9 KB of source

Source & flagged code

3 flagged · loading source
bin/run.mjsView file
•matchType = previous_version_dangerous_delta matchedPackage = youmindag@1.0.4 matchedIdentity = npm:eW91bWluZGFn:1.0.4 similarity = 0.750 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

bin/run.mjsView on unpkg
8import { fileURLToPath } from 'url' L9: import { execSync } from 'child_process' L10:
High
Child Process

Package source references child process execution.

bin/run.mjsView on unpkg · L8
2// YouMindAG — Inyecta inteligencia de contexto a cualquier proyecto. L3: // Uso: npx youmindag L4: // Ejecutar DENTRO del directorio del proyecto destino. ... L8: import { fileURLToPath } from 'url' L9: import { execSync } from 'child_process' L10:
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/run.mjsView on unpkg · L2

Findings

1 Critical3 High2 Medium2 Low
CriticalPrevious Version Dangerous Deltabin/run.mjs
HighChild Processbin/run.mjs
HighShell
HighRuntime Package Installbin/run.mjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings