AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a self-hosted AEO CLI/server with documented telemetry, integrations, agent skills, and MCP setup activated by user commands.
Decision evidence
public snapshot- dist/chunk-EMG4LIUJ.js implements opt-out telemetry to https://canonry.ai/api/telemetry with anonymized ID derived from hostname/MAC fallback.
- dist/cli.js init can user-invoked install bundled agent skills and MCP config into project agent control surfaces.
- dist/chunk-45YSA7GH.js has user-invoked npm spawn for Common Crawl DuckDB plugin install.
- package.json has no lifecycle scripts; bin wrappers only import dist/cli.js or dist/mcp.js on user execution.
- README.md discloses cnry init scaffolds .claude/.codex skills; code performs this only during init/skills commands, not install/import.
- Telemetry has notice and disable paths via CANONRY_TELEMETRY_DISABLED, DO_NOT_TRACK, CI, and canonry telemetry disable.
- Network endpoints are package-aligned: Canonry telemetry/update checks, npm registry, Google/OAuth/GA/GSC, Common Crawl, WordPress/Vercel/Cloud Run integrations.
- MCP installer writes explicit canonry-mcp entries with backups/dry-run support; not hidden persistence.
- No credential harvesting or exfiltration beyond user-configured provider/integration credentials for documented product features.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-45YSA7GH.jsView on unpkgPackage source references child process execution.
dist/chunk-45YSA7GH.jsView on unpkg · L25832A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli.jsView on unpkg · L10348Source collects local host identity data and sends it to an external endpoint.
dist/chunk-EMG4LIUJ.jsView on unpkg · L187