AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious install-time, import-time, or persistence behavior was found. The main risk surface is an explicit MCP execute tool that evaluates user-provided TypeScript against the Augno SDK in a Deno worker with limited network permissions.
Decision evidence
public snapshot- package.json has no preinstall/install/postinstall scripts; only build/test/lint/format/fix scripts are present.
- index.ts/index.js only starts an MCP server when run as the bin/main module, choosing stdio or HTTP transport from CLI options.
- src/code-tool.ts runs user-supplied code only through the MCP execute tool and restricts Deno worker network to the SDK client baseURL hostname.
- src/code-tool-worker.ts dynamically imports a data: TypeScript module from the execute tool input, then calls run(client); this is declared package functionality.
- src/http.ts accepts API keys/env overrides from explicit request headers and redacts auth/key/token/env headers in logs.
- src/instructions.ts reads only an optional user-supplied custom instructions file; no AI-agent config writes or persistence files found.
Source & flagged code
4 flagged · loading sourcePackage source references dynamic require/import behavior.
instructions.jsView on unpkg · L7Tarball package.json differs from the npm registry version manifest for scripts or dependency sets.
package.jsonView on unpkgPackage manifest contains a dependency pinned to a remote tarball URL.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
code-tool-worker.jsView on unpkg