AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface. Risky primitives are tied to explicit CLI subcommands for Actuate CMS project setup, Prisma migrations, update checks, exports, and editor MCP configuration.
Decision evidence
public snapshot- dist/commands/mcp.js writes .cursor/.vscode MCP configs, but only when user runs actuate mcp:init.
- dist/commands/migrate.js and db-init/db-status/db-sync invoke npx/prisma via user-run CLI commands.
- package.json has no lifecycle scripts; bin/main is dist/index.js.
- dist/index.js only registers Commander subcommands; no install/import-time execution.
- Network use is package-aligned: update checks, npm registry fallback, Vercel env read, or user-provided verify URL.
- No credential harvesting or exfiltration found; Vercel token/API key are used for documented CLI configuration/API calls.
- Project-file writes are explicit CLI actions: Prisma schema/migrations, package.json upgrades, export output, MCP config.
- Dynamic imports resolve cms-core/Prisma helpers from the consumer project for CMS database operations.
Source & flagged code
4 flagged · loading sourcePackage source references child process execution.
dist/commands/db-status.jsView on unpkg · L1Package source invokes a package manager install command at runtime.
dist/commands/db-status.jsView on unpkg · L80Package source references dynamic require/import behavior.
dist/utils/database.jsView on unpkg · L21This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/doctor.jsView on unpkg