bigquery-analytics
Audited by Socket on May 20, 2026
3 alerts found:
Anomaly: No direct evidence of a malicious payload (no eval/Function, no obfuscated logic, no network activity or file modification in this snippet). The module is still security-sensitive: it executes a third-party dependency via npx and forwards broad environment variables, optionally including values imported from a local .env file, into that external process. It also passes arbitrary user-supplied arguments through to the invoked tool. This creates supply-chain/execution-surface and secret-propagation risk, especially on Windows, where the child is spawned with shell:true and the forwarded arguments are interpreted by the shell.

Anomaly: No overt malicious logic is present in the wrapper itself (no eval, no network or file-damaging operations, no explicit exfiltration). It nonetheless creates meaningful exposure by executing an external tool via npx and forwarding both user-controlled CLI arguments and potentially sensitive environment values (the contents of a local .env file and every CLAUDE_PLUGIN_OPTION_* variable) into the subprocess with inherited stdio. Treat the invoked package as untrusted code, ensure supply-chain integrity (lockfile, verified installs, an exact version pin) and minimize secret propagation.

Anomaly: This module is a thin launcher that conditionally loads configuration from a local .env file and forwards both environment variables (potentially including secrets) and user-provided CLI arguments to an npx-executed third-party dependency (@toolbox-sdk/server@1.1.0). The wrapper contains no clear malicious payload of its own (no exfiltration, persistence or obfuscation), but the dynamic execution and broad environment propagation increase secret-exposure and supply-chain risk. Review and lock down the invoked tool's behaviour, and confirm that the .env contents and CLI arguments are appropriate for the threat model.
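To make the three alerts concrete, here is an added Node.js example written for this page. It is not the source of bigquery-analytics or of @toolbox-sdk/server (neither is shown on this page); it reconstructs the launcher pattern the audit describes, a permissive spawn plan that merges a .env file into the full process environment and passes every argument through with shell:true on Windows, beside a hardened plan that allowlists the environment, forwards plugin option variables by name, validates arguments and never enables the shell. The only identifiers taken from the audit are the npx target @toolbox-sdk/server@1.1.0, the CLAUDE_PLUGIN_OPTION_ prefix and the Windows shell:true behaviour; parseDotEnv, isExactPin, BASE_ENV, SAFE_ARG, the sample .env contents, the variable names in the sample environment and the --project argument are assumptions made for illustration.

```javascript
// Added example for this audit page; not the code of bigquery-analytics or
// @toolbox-sdk/server. Everything except the npx target, the
// CLAUDE_PLUGIN_OPTION_ prefix and "shell:true on Windows" is assumed.

const PINNED_PACKAGE = '@toolbox-sdk/server@1.1.0';
const OPTION_PREFIX = 'CLAUDE_PLUGIN_OPTION_';
// Variables a child process usually needs in order to run at all (assumed baseline).
const BASE_ENV = ['PATH', 'HOME', 'TMPDIR', 'SYSTEMROOT', 'TEMP', 'USERPROFILE'];
// Arguments must be plain tokens: no whitespace, quotes or shell metacharacters.
const SAFE_ARG = /^[A-Za-z0-9_@.:=\/-]{1,256}$/;

// Minimal KEY=VALUE parser (constructed for the example; a real dotenv loader
// does more, but this is enough to show what gets pulled into the environment).
function parseDotEnv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = value.length >= 2 &&
      (value[0] === '"' || value[0] === "'") && value[value.length - 1] === value[0];
    if (quoted) value = value.slice(1, -1);
    out[key] = value;
  }
  return out;
}

// True only for an exact semver pin (name@x.y.z). Ranges and dist-tags make
// npx re-resolve the package on every launch, which widens the supply-chain window.
function isExactPin(spec) {
  return /^(@[^/@]+\/)?[^/@]+@\d+\.\d+\.\d+$/.test(spec);
}

// The pattern the audit describes: whole environment plus .env merged in,
// every argument passed through unchanged, shell enabled on Windows.
function permissiveSpawnPlan(processEnv, dotEnv, userArgs, platform) {
  return {
    command: 'npx',
    args: [PINNED_PACKAGE, ...userArgs],
    env: { ...processEnv, ...dotEnv },
    shell: platform === 'win32',
    stdio: 'inherit',
  };
}

// Hardened form: allowlisted base environment, option variables forwarded only
// by name, .env keys forwarded only by name, arguments validated, shell never on.
function hardenedSpawnPlan(processEnv, dotEnv, userArgs,
                           { forwardOptions = [], forwardDotEnv = [] } = {}) {
  if (!isExactPin(PINNED_PACKAGE)) throw new Error('refusing to run an unpinned package spec');
  const env = {};
  for (const k of BASE_ENV) if (processEnv[k] !== undefined) env[k] = processEnv[k];
  for (const k of forwardOptions) {
    if (!k.startsWith(OPTION_PREFIX)) throw new Error(`not a plugin option variable: ${k}`);
    if (processEnv[k] !== undefined) env[k] = processEnv[k];
  }
  for (const k of forwardDotEnv) if (dotEnv[k] !== undefined) env[k] = dotEnv[k];
  for (const a of userArgs) {
    if (!SAFE_ARG.test(a)) throw new Error(`rejected argument ${JSON.stringify(a)}`);
  }
  // shell:false on every platform. On Windows, npx is a .cmd shim and current Node
  // refuses to spawn .cmd/.bat files without a shell (the CVE-2024-27980 fix), which
  // is why many launchers set shell:true there; a hardened launcher instead runs
  // `node <path-to-npx-cli.js>` so the arguments never reach cmd.exe.
  return { command: 'npx', args: [PINNED_PACKAGE, ...userArgs], env, shell: false, stdio: 'inherit' };
}

// Constructed sample input: a .env holding a secret next to a plugin option.
const SAMPLE_DOTENV =
  'BQ_SERVICE_ACCOUNT_KEY="super-secret"\nCLAUDE_PLUGIN_OPTION_PROJECT=demo-project\n';

// Builds both plans from the constructed inputs so the difference is visible.
function demo() {
  const dotEnv = parseDotEnv(SAMPLE_DOTENV);
  const fakeProcessEnv = {
    PATH: '/usr/bin', HOME: '/home/u',
    AWS_SECRET_ACCESS_KEY: 'leaks-in-the-permissive-plan',
    CLAUDE_PLUGIN_OPTION_PROJECT: 'p',
  };
  const args = ['--project', 'demo-project'];
  const loose = permissiveSpawnPlan(fakeProcessEnv, dotEnv, args, 'win32');
  const tight = hardenedSpawnPlan(fakeProcessEnv, dotEnv, args,
    { forwardOptions: ['CLAUDE_PLUGIN_OPTION_PROJECT'] });
  return { loose, tight };
}

// Actually spawns a plan; not called here because npx would fetch the package.
function launch(plan) {
  const { spawnSync } = require('node:child_process');
  const r = spawnSync(plan.command, plan.args, { env: plan.env, shell: plan.shell, stdio: plan.stdio });
  return r.status;
}

if (typeof require !== 'undefined' && require.main === module) {
  const { loose, tight } = demo();
  console.log('permissive env keys:', Object.keys(loose.env).join(', '));
  console.log('hardened env keys:  ', Object.keys(tight.env).join(', '));
}
```

Run with `node launcher.js` to print the environment each plan would hand to the child: the permissive plan carries the .env secret and every unrelated variable from the parent, the hardened plan carries only PATH, HOME and the one named option. Whether `launch()` is ever called with the hardened plan on Windows depends on how npx is resolved there, as the comment in the code explains.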