AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is an AI workflow CLI that, when invoked, can generate project agent configs, workbench files, and optional git hooks.
Decision evidence
public snapshot- package.json exposes only prepublishOnly build lifecycle, not install-time execution.
- dist/cli.mjs writes agent/platform config files and git hooks only from explicit CLI commands such as init/gen-agents/install-hooks.
- dist/cli.mjs can fetch https://models.dev/api.json for user-invoked model listing/resolution.
- dist/cli.mjs uses child_process for git metadata/hook helper logic, not hidden payload download or execution.
- No preinstall/install/postinstall hooks in package.json.
- AI agent control-surface writes are package-aligned and user-invoked via bin command, not automatic install mutation.
- Network reference is a documented public models.dev API; no credential/env harvesting or exfil endpoint found.
- File writes are scoped to workbench state, generated agent files, config, and git hooks under the selected project.
- Scanner Trojan Source hit is in bundled web/dist dependency-like asset; no confirmed prompt/reviewer manipulation or malicious branch found.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.mjsView on unpkgSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
web/dist/assets/chunk-KEIR6QF5-BfrZ3jm6.jsView on unpkg · L46