AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface by static source inspection. Risky primitives are aligned with an AI code-generation CLI and require explicit user CLI actions, with no install-time execution.
Decision evidence
public snapshot- dist/cli.mjs imports child_process and has user-invoked update/launch/agent commands.
- dist/credentials-KJmJXz9z.mjs contains embedded agent setup prompts and may spawn Builder-managed agents from CLI flows.
- dist/cli.mjs clipboard helpers read/write clipboard only for paste/copy UI paths, not wallet-address replacement.
- package.json has no lifecycle scripts; only bin builder -> dist/cli.mjs.
- dist/credentials-KJmJXz9z.mjs readCredentials uses CLI args/env/stored Builder credentials for Builder.io authentication, not broad secret harvesting.
- dist/cli.mjs selfUpdate fetches @builder.io binary tarballs from registry.npmjs.org only when user runs update/standalone checks.
- dist/cli.mjs createFusionExampleProject posts to Builder API using Builder credentials for documented project/agent creation.
- dist/cli.mjs command table shows dangerous primitives are tied to explicit CLI features: code, launch, mcp, auth, update, push/pull.
- dist/pac-BbqDux7q.mjs is a PAC resolver bundle dynamically imported for proxy config, not an encrypted dropped executable.
Source & flagged code
11 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist/pac-BbqDux7q.mjsView on unpkg · L15229Source reads and rewrites clipboard contents matching cryptocurrency wallet addresses.
dist/cli.mjsView on unpkg · L2A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli.mjsView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli.mjsView on unpkg · L2Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.mjsView on unpkg · L2Source decrypts an embedded payload, writes it to disk, and executes it through a child process.
dist/credentials-KJmJXz9z.mjsView on unpkgPackage contains source files above the static scanner size ceiling.
dist/credentials-KJmJXz9z.mjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/credentials-KJmJXz9z.mjsView on unpkg