AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established by the inspected package source. The package is a CLI/web harness that talks to local services and has explicit user-invoked agent/skill features.
Decision evidence
public snapshot- dist/cli.js exposes user-invoked agent commands that create/run harness tasks tagged agent/self-improve.
- dist/server/src/lib/run-task.ts delegates agent-tagged tasks to @omega/agent, but that package source is not included here.
- package.json has only prepublishOnly; no install/postinstall/prepare runtime hook for consumers.
- dist/cli.js network defaults are localhost HTTP/gRPC endpoints, with user-configurable HARNESS_API_URL/HARNESS_GRPC_TARGET.
- dist/cli.js child_process spawn is in the ui command to start the bundled local server or dev server.
- dist/cli.js file writes occur only in the explicit skill generate command to create adapter files.
- No credential harvesting, home-directory scanning, persistence, destructive behavior, or external exfiltration endpoints found.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version.
dist/cli.jsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli.jsView on unpkg · L527