AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The main install-time behavior bootstraps a pinned ripgrep binary for package code-search functionality and records its path under package/home cache locations.
Decision evidence
public snapshot- package.json runs postinstall: node scripts/postinstall.js
- scripts/postinstall.js may download ripgrep and write ~/.comate/ripgrep-binary plus .rg-path
- scripts/postinstall.js uses execSync for rg/version/probe/archive commands
- bin/zulu-tui.mjs launches embedded zulu engine and sets ~/.cot auth/plans dirs at user runtime
- comate-engine includes user-invoked skills that read/cache tokens for Baidu internal services
- Postinstall purpose is explicit ripgrep bootstrap for code search, with system-rg and embedded/cache checks before download
- Download URLs are pinned ripgrep release sources, not attacker-controlled except optional RIPGREP_MIRROR_BASE env
- Postinstall failures are non-fatal and no credential/env harvesting or exfiltration found in install script
- bin/zulu-tui.mjs dynamic imports are local package modules or @comate/zulu fallback for CLI runtime
- export_sheet.md secret hit is a documented example download URL, not executable code
- No unconsented install-time mutation of foreign AI-agent control surfaces found
Source & flagged code
13 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
comate-engine/assets/skills/ku-doc-manage/references/export_sheet.mdView on unpkg · L29Supabase service role key (JWT) in comate-engine/assets/skills/ku-doc-manage/references/export_sheet.md
comate-engine/assets/skills/ku-doc-manage/references/export_sheet.mdView on unpkg · L29A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L1Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L45This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
scripts/postinstall.jsView on unpkgPackage source references dynamic require/import behavior.
bin/zulu-tui.mjsView on unpkg · L62Package ships non-JavaScript build or shell helper files.
comate-engine/assets/skills/icode/scripts/common.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/zulu/index.jsView on unpkgHardcoded password in comate-engine/assets/skills/code-security/references/vul_repair_sensitive.md
comate-engine/assets/skills/code-security/references/vul_repair_sensitive.mdView on unpkg · L384