AI Security Review
scanned 5h ago · by lpm-firewall-aiNo confirmed package-originated malicious attack surface. Process execution, dynamic imports, file writes, and network access are tied to explicit AtlasFlow CLI commands and the user workspace.
Decision evidence
public snapshot- `dist/index.js` dynamically imports user workspace config and generated modules during explicit build/dev/eval commands.
- `dist/index.js` can spawn Node, Wrangler, Docker, and user-selected sandbox commands only through named CLI workflows.
- `dist/index.js` reads `ATLASFLOW_API_KEY` only to authenticate the explicit `logs --server` request.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `bin/atlasflow.js` only dispatches user-supplied CLI arguments to `main`.
- The only direct `fetch` calls in `dist/index.js` target the user-selected logs server, defaulting to localhost.
- Sensitive workspace files and directories are explicitly excluded or rejected during agent-folder export.
- No source references to foreign AI-agent configuration paths, VCS hooks, credential harvesting, or unsolicited external endpoints were found.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
dist/index.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L1284