AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. The package is a user-started authenticated gateway daemon with powerful but package-aligned remote management features.
Decision evidence
public snapshot- dist/health.js starts a WebSocket control client using bearer auth to config.gatewayWsUrl and handles cloud COMMAND messages.
- dist/health.js supports daemon.update/runtime.update commands that run npm/hermes/openclaw upgrade commands after daemon start.
- dist/health.js can apply runtime config via alfe.config_set and dynamically import registered integration handlers.
- dist/health.js installs optional launchd/systemd service files only through explicit CLI install command.
- package.json has no install/preinstall/postinstall lifecycle hooks.
- dist/bin/gateway.js only dispatches user-invoked CLI commands; default import does not start the daemon.
- Scanner eval/base64 hits are bundled dependency/runtime feature code, not remote asset decode-and-execute logic in package code.
- Network use is aligned with an authenticated Alfe gateway daemon and local AI proxy, not credential harvesting or arbitrary exfiltration.
- File writes are expected daemon state/service/log/socket files under ~/.alfe, runtime homes, or service-manager paths.
Source & flagged code
7 flagged · loading sourceSource fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.
dist/health.jsView on unpkg · L3A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/health.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/health.jsView on unpkgPackage source references dynamic require/import behavior.
dist/health.jsView on unpkg · L58Source writes installer persistence such as shell profile or service configuration.
dist/health.jsView on unpkg · L3