AI Security Review
scanned 6d ago · by lpm-firewall-aiNo confirmed malicious install-time, import-time, or hidden payload behavior was found. Runtime capabilities are a local web UI for the pi coding agent and match the package description.
Static reason
No blocking static signals were detected.
Trigger
user runs pi-web CLI or uses local web UI routes
Impact
local session/file/model/skill management when explicitly used
Mechanism
starts Next.js server and exposes package-aligned local pi management APIs
Rationale
Static inspection found powerful local-agent UI primitives, including API key storage, file/session access, git worktree commands, and explicit skill installation, but they are runtime user-invoked and aligned with the documented pi-web purpose. There are no lifecycle hooks, credential exfiltration endpoints, stealth persistence, or executable hidden payloads.
Evidence
package.jsonbin/pi-web.jsnext.config.tsREADME.md.next/server/app/favicon.ico.body.next/server/app/api/skills/install/route.js
Network endpoints4
localhost:30141github.com/agegr/pi-web#readmegithub.com/agegr/pi-web.gitgithub.com/agegr/pi-web/issues
Decision evidence
public snapshotAI called this Clean at 88.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no preinstall/install/postinstall lifecycle hooks
- bin/pi-web.js only starts bundled Next server and opens local browser URL
- README.md describes local UI for pi sessions, models, files, skills, and worktrees
- next.config.ts only reads package versions into public env values
- API routes with file/session/auth/skill/git access are runtime user-invoked and package-aligned
- .next/server/app/favicon.ico.body is a PNG header, not an executable payload
Behavioral surface
ChildProcessEnvironmentVarsFilesystem
Source & flagged code
2 flagged · loading source.next/server/app/favicon.ico.bodyView file
•path = .next/server/app/favicon.ico.body
kind = high_entropy_blob
sizeBytes = 22542
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
.next/server/app/favicon.ico.bodyView on unpkg•path = .next/server/app/favicon.ico.body
kind = payload_in_excluded_dir
sizeBytes = 22542
magicHex = [redacted]
High
Payload In Excluded Dir
Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
.next/server/app/favicon.ico.bodyView on unpkgFindings
2 High2 Medium2 Low
HighShips High Entropy Blob.next/server/app/favicon.ico.body
HighPayload In Excluded Dir.next/server/app/favicon.ico.body
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem