AI Security Review
scanned 6d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. Risky primitives are tied to the stated local LLM proxy function and require explicit CLI/runtime use.
Decision evidence
public snapshot- dist/install-context.js writes agent-context.md to ~/.antigravity on proxy startup when source exists
- dist/cli/commands/start.js can run npm install --production if node_modules is missing
- dist/cli/utils/cert.js uses sudo/certutil/security to trust a local TLS cert on user command
- package.json has no install/postinstall hook; prepublishOnly only runs build before publishing
- bin/cli.js exposes user-invoked commands; start is not import-time execution
- dist/index.js proxy behavior is package-aligned: local dashboard/TLS proxy and LLM provider forwarding
- dist/adapter.js provider endpoints are standard configurable LLM APIs, not hidden exfil hosts
- dist/cli/utils/port.js only enumerates/kills processes on configured proxy ports
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/cli/utils/port.jsView on unpkg · L1Package source references weak cryptographic algorithms.
dist/cli/utils/cert.jsView on unpkg · L2This package version adds a dangerous source file absent from the previous stored version.
dist/cli/commands/start.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/cli/commands/start.jsView on unpkg · L135