AI Security Review
scanned 6h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. Network requests are limited to explicit CLI operations against a user-selected server or OpenAPI URL, and project code execution follows explicit build/run/eval commands.
Decision evidence
public snapshot- `dist/index.js` exposes explicit CLI commands that can bundle and import a user project.
- `dist/index.js` sends `--api-key` or `ATLASFLOW_API_KEY` only with user-invoked `eval`/`logs` requests to the selected server.
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- `bin/atlasflow.js` only calls exported `main()` after the user invokes the CLI.
- `dist/index.js` command dispatch requires explicit `run`, `eval`, `logs`, `deploy`, or similar commands.
- Dynamic imports in `dist/index.js` load generated local project bundles or declared AtlasFlow modules, not remote code.
- No reads of `.ssh`, `.aws`, `.npmrc`, or credential files were found; export/import logic explicitly rejects sensitive paths.
- No foreign AI-agent control-surface paths or unconsented persistence mechanism were found.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
dist/index.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L1284