registry  /  @arnilo/prism  /  0.0.4

@arnilo/prism@0.0.4

Agent harness for AI providers, agents, sessions, and tools.

AI Security Review

scanned 1d ago · by lpm-firewall-ai

No confirmed malicious attack surface. Package network and filesystem capabilities are explicit runtime library/CLI features, not install-time behavior.

Static reason
No blocking static signals were detected.
Trigger
User invokes the CLI or host application configures provider, tools, media URLs, or session storage.
Impact
No unsolicited persistence, credential exfiltration, remote payload execution, or foreign AI-agent configuration mutation was found.
Mechanism
Explicit agent framework APIs with caller-supplied providers, handlers, paths, and URLs.
Rationale
Static inspection found no lifecycle execution, child-process use, dynamic code loading, obfuscated payload, or unauthorized filesystem/config mutation. Network requests and credential use are confined to explicitly configured AI-provider and media-fetch functionality.
Evidence
package.jsondist/index.jsdist/cli.jsdist/cli-runner.jsdist/credentials.jsdist/node/session-store-jsonl.jsdist/content.jsdist/providers/openai-compatible.jsdist/extensions.jsdist/tools.js

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall lifecycle hook.
    • dist/index.js only re-exports APIs and declares metadata.
    • dist/cli.js runs only when the user invokes the prism binary.
    • dist/cli-runner.js performs discovery and prompt-file reads only through explicit CLI options or workspace paths.
    • dist/node/session-store-jsonl.js writes only to the caller-provided session-store path.
    • dist/providers/openai-compatible.js sends requests only to caller-configured baseUrl and uses supplied credentials.
    Behavioral surface
    Source
    ChildProcessCryptoFilesystem
    Supply chain
    HighEntropyStrings
    ManifestNo manifest risk signals triggered.
    scanned 61 file(s), 320 KB of source

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    3 Low
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings