AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a Slock/Raft daemon and bundled CLI that, when explicitly run with server credentials, connects to a Slock server and manages local AI agent runtimes.
Decision evidence
public snapshot- package.json has no install/postinstall hook; prepack/prepublishOnly are publish-time build scripts.
- dist/index.js only parses --server-url/--api-key and starts DaemonCore when bin is invoked.
- dist/chunk-EX73HXGE.js WebSocket connects to user-provided serverUrl with provided apiKey.
- child_process usage spawns named AI/runtime CLIs such as claude, codex, gemini, cursor-agent, copilot, opencode after server/user start requests.
- credential/env handling writes scoped Slock agent token files under ~/.slock and deletes raw credential env vars before spawning child agents.
- dist/dist-PCKZII47.js is bundled raft/slock CLI code imported by runBundledSlockCli, not an install-time payload.
Source & flagged code
7 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/chunk-EX73HXGE.jsView on unpkg · L677Package contains a possible secret pattern.
dist/chunk-EX73HXGE.jsView on unpkg · L12487This package version adds a dangerous source file absent from the previous stored version.
dist/dist-PCKZII47.jsView on unpkgPackage source references child process execution.
dist/dist-PCKZII47.jsView on unpkg · L12Package contains source files above the static scanner size ceiling.
dist/cli/index.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli/index.jsView on unpkg