AI Security Review
scanned 1d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package provides explicit local studio CLI/host workflows that write managed projects, install workspace dependencies, and run generated project infrastructure scripts.
Decision evidence
public snapshot- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `dist/cli/index.js` exposes `workspace install` and project operations as explicit CLI commands.
- `dist/host/orchestrator/projectPaths.js` validates IDs and confines projects under `<workspace>/apps/<id>`.
- `dist/host/orchestrator/workspaceRuntime.js` runs only `bun install` in the host workspace when explicitly invoked.
- `dist/host/orchestrator/infraRuntime.js` runs named generated project infra scripts with no remote payload retrieval.
- `dist/host/http/server.js` defaults to `127.0.0.1`; `security.js` restricts browser origins to local/private-network origins.
Source & flagged code
5 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist/host/layout/templates/auth/adapter.jsView on unpkg · L1Supabase service role key (JWT) in dist/host/layout/templates/auth/adapter.js
dist/host/layout/templates/auth/adapter.jsView on unpkg · L1Package source references child process execution.
dist/host/modules/runtime/LocalFsTargetAdapter.jsView on unpkg · L1Package source invokes a package manager install command at runtime.
dist/host/orchestrator/workspaceRuntime.jsView on unpkg · L1This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/host/orchestrator/infraRuntime.jsView on unpkg