AI Security Review
scanned 2h ago · by lpm-firewall-aiInstallation mutates user environments by installing runtime npm dependencies and a Python anti-detect browser package. Runtime code can automate XAI OAuth login and run a TLS MITM proxy for selected AI-provider hosts, retaining intercepted traffic locally.
Decision evidence
public snapshot- package.json runs hooks/postinstall.js automatically.
- hooks/pythonRuntime.js postinstall installs cloakbrowser==0.4.7 with pip.
- app/relogin-grok.py automates headless XAI login, password entry, and OAuth consent.
- app/src/mitm/server.js targets Copilot, Google Cloud Code, Kiro, and Cursor traffic.
- app/src/mitm/server.js writes intercepted request headers/bodies to local MITM logs.
- Observed remote endpoints are npm registry and XAI/Grok service endpoints, not an attacker-controlled sink.
- SQLite and tray runtime installs are pinned package dependencies.
- CLI agent-tool settings are exposed through explicit runtime menu/API actions, not postinstall.
- No source-confirmed credential exfiltration, remote payload fetch, or foreign AI-agent config mutation found.
Source & flagged code
16 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
app/.next-cli-build/server/chunks/4306.jsView on unpkg · L1RSA private key in app/.next-cli-build/server/chunks/4306.js
app/.next-cli-build/server/chunks/4306.jsView on unpkg · L1Package source references child process execution.
app/src/mitm/server.jsView on unpkg · L33A single source file combines environment access, network access, and code or shell execution; review context before blocking.
app/src/mitm/server.jsView on unpkg · L24Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
app/src/mitm/server.jsView on unpkg · L24This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
cli.jsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
cli.jsView on unpkg · L2Package source references dynamic require/import behavior.
app/server.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
src/cli/tray/autostart.jsView on unpkg · L3Package source invokes a package manager install command at runtime.
app/src/lib/updater/updater.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
app/relogin-grok.pyView on unpkgPackage ships high-entropy non-source blobs.
app/.next-cli-build/static/media/material-symbols-outlined.ec1fa111.woff2View on unpkgRSA private key in app/.next-cli-build/server/chunks/8971.js
app/.next-cli-build/server/chunks/8971.jsView on unpkg · L1