AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is a shareable developer config CLI with explicit commands that edit local project config and run formatter/linter/package-manager tools.
Decision evidence
public snapshot- src/index.ts exposes user-invoked execSync wrappers and killPort command
- src/runner.ts runs user-supplied commands via Bun.spawn for `config run`
- src/vanilla-extract/patch-vanilla-extract.ts rewrites installed @vanilla-extract integration files during `prepare` command
- package.json has no preinstall/install/postinstall hook; only prepublishOnly
- CLI actions are explicit user commands through bin `config`, not import-time execution
- No network clients, URLs, credential harvesting, or exfiltration endpoints found by rg/source inspection
- Project writes are package-aligned config maintenance: .vscode, package.json overrides, sideEffects, local symlinks, formatter config
- Runtime package install in src/manage-overrides.ts is conditional after package.json override changes during user-invoked prepare
Source & flagged code
4 flagged · loading sourcePackage source references child process execution.
src/vscode-config.tsView on unpkg · L1Package source references dynamic require/import behavior.
src/link-packages.tsView on unpkg · L21Package source invokes a package manager install command at runtime.
src/manage-overrides.tsView on unpkg · L60This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/index.tsView on unpkg