AI Security Review
scanned 6h ago · by lpm-firewall-ai
No confirmed malicious attack surface was established. The package is a runtime-neutral Hono server layer with authenticated controllers, OAuth clients, GitHub APIs, LLM proxying, and container-agent dispatch as product functionality.
Decision evidence
public snapshot
- dist/agents/ContainerAgentExecutor.js contains agent job dispatch logic that can pass GitHub and subscription tokens to configured runner transports, but only during authenticated runtime workflows.
- package.json has no npm lifecycle hooks or bin entries; main is dist/index.js, which contains exports only.
- dist/index.js re-exports server modules and does not perform install-time or import-time side effects.
- dist/modules/tasks/TaskSourceController.js is Hono route wiring for configured task integrations; scanner dynamic-require hint is not present in source.
- dist/crypto/encoding.js only parses caller-supplied PEM/base64url data; no embedded secret was found.
- Network use is package-aligned OAuth, GitHub, LLM proxy, and web-search server functionality with auth/SSRF guards in inspected code.
- No writes to AI-agent control surfaces, shell startup files, VCS hooks, or persistence locations were found.
Source & flagged code
7 flagged
- Package contains a critical-looking secret pattern. (dist/crypto/encoding.d.ts · L7)
- RSA private key in dist/crypto/encoding.d.ts (dist/crypto/encoding.d.ts · L7)
- RSA private key in dist/crypto/encoding.d.ts (dist/crypto/encoding.d.ts · L8)
- Package source references dynamic require/import behavior. (dist/modules/tasks/TaskSourceController.js · L188)
- RSA private key in dist/github/GitHubAppAuth.d.ts (dist/github/GitHubAppAuth.d.ts · L4)