registry  /  youmindag  /  1.1.0

youmindag@1.1.0

🧠 Inyecta inteligencia de contexto a cualquier proyecto. Una línea y tu AI coding tool entiende toda la arquitectura.

AI Security Review

scanned 6d ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs npx youmindag, then later uses OpenCode with the installed plugin.
Impact
Project AGENTS.md/.opencode behavior is changed; crafted task text could influence shell execution through the installed OpenCode plugin.
Mechanism
explicit CLI agent-extension setup with shell-command hook
Rationale
Source inspection shows explicit user-command mutation of an AI-agent control surface and runtime package-manager execution, but no npm lifecycle hook, credential theft, exfiltration endpoint, destructive action, or covert remote payload. Under the policy this is warn-level agent capability abuse rather than a publish-blocking malicious package.
Evidence
package.jsonbin/run.mjstemplate/.opencode/plugins/context-loader.jstemplate/scripts/load-context.mjstemplate/.opencode/skills/context-loader.yamltemplate/AGENTS.mdtemplate/.opencode/context-map.yamltemplate/.opencode/opencode.jsontemplate/scripts/extract-domain.mjstemplate/scripts/export-schema.mjstemplate/scripts/populate-vault.mjstemplate/boveda/
Network endpoints1
github.com/CESARBR2025/youmindag.git

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • bin/run.mjs is a CLI bin that writes .opencode/, scripts/, boveda/, AGENTS.md and AGENTS.md.bak into the caller project.
  • bin/run.mjs runs npm install @sentropic/graphify and npx graphify commands at explicit CLI runtime.
  • template/.opencode/plugins/context-loader.js installs an OpenCode tool.execute.before hook that mutates future shell commands.
  • template/.opencode/plugins/context-loader.js builds execSync command with unescaped task text inside shell quotes.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle hooks.
  • No credential exfiltration, destructive deletion, persistence outside project files, or hardcoded network exfil endpoint found.
  • AI-agent control-surface writes happen from explicit npx youmindag CLI use, not unconsented install-time execution.
  • Template files are package-aligned context/knowledge-vault tooling rather than covert payloads.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 41.5 KB of source

Source & flagged code

3 flagged · loading source
bin/run.mjsView file
•matchType = previous_version_dangerous_delta matchedPackage = youmindag@1.0.4 matchedIdentity = npm:eW91bWluZGFn:1.0.4 similarity = 0.750 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

bin/run.mjsView on unpkg
8import { fileURLToPath } from 'url' L9: import { execSync } from 'child_process' L10:
High
Child Process

Package source references child process execution.

bin/run.mjsView on unpkg · L8
2// YouMindAG — Inyecta inteligencia de contexto a cualquier proyecto. L3: // Uso: npx youmindag L4: // Ejecutar DENTRO del directorio del proyecto destino. ... L8: import { fileURLToPath } from 'url' L9: import { execSync } from 'child_process' L10:
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

bin/run.mjsView on unpkg · L2

Findings

1 Critical3 High2 Medium2 Low
CriticalPrevious Version Dangerous Deltabin/run.mjs
HighChild Processbin/run.mjs
HighShell
HighRuntime Package Installbin/run.mjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings