AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface found. Network, filesystem writes, and subprocess use are aligned with explicit CLI features for indexing, vault sync, embeddings, local UI, and agent integration.
Static reason
No blocking static signals were detected.
Trigger
User runs brainlink/blink CLI commands; no install-time hook found.
Impact
Expected local vault/config changes only when commands are invoked
Mechanism
Local-first Markdown vault CLI with optional update check, embeddings, MCP config, and helper subprocesses
Rationale
Static inspection found no lifecycle execution, credential harvesting, hidden payload, or unconsented persistence. The sensitive primitives are documented, user-invoked package features for a vault/MCP CLI.
Evidence
package.jsondist/cli/main.jsdist/application/check-package-update.jsdist/domain/embeddings.jsdist/cli/commands/agent-commands.jsdist/cli/commands/write/server-commands.jsdist/infrastructure/docling.jsdist/application/vault-git.jsdist/application/import-legacy-sqlite.js
Network endpoints5
registry.npmjs.orgapi.openai.com/v1127.0.0.1:11434127.0.0.1:43210.0.0.0:3333
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks
- dist/cli/main.js only runs CLI setup and optional update notice
- dist/application/check-package-update.js fetches npm registry latest version and caches locally
- dist/domain/embeddings.js external calls are configured embedding providers using OpenAI/Ollama
- dist/cli/commands/agent-commands.js writes Codex MCP config only via explicit agent install/upgrade commands
- child_process use is user-invoked for git/docling/sqlite/browser helpers, not install/import-time
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
2 Medium4 Low
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings