AI Security Review
scanned 1h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package contains a user-invoked Vite plugin and optional dev daemon/tunnel that mutate Deco project files and localhost runtime state for CMS development.
Decision evidence
public snapshot- src/vite/plugin.js uses child_process exec to run `npx tsx ...generate-schema.ts` during Vite dev file-watch events.
- src/vite/plugin.js writes project `.deco/blocks.gen.json` and posts block deltas to localhost `/.decofile`.
- src/vite/plugin.js starts a dev tunnel only when DECO_SITE_NAME and DECO_ENV_NAME are set.
- src/daemon/fs.ts and src/daemon/volumes.ts expose authenticated local daemon APIs that can write/delete `.deco` files.
- package.json has no preinstall/install/postinstall lifecycle hooks and exports source entrypoints only.
- execFileSync in src/vite/plugin.js only runs `git rev-parse --short=12 HEAD` to derive a build hash.
- Network use is package-aligned: localhost dev reload, admin.deco.cx, .deco.host/simpletunnel.deco.site tunnel endpoints.
- Daemon/auth.ts verifies admin JWTs unless explicit DANGEROUSLY_ALLOW_PUBLIC_ACCESS is set by the user.
- No credential harvesting, broad filesystem traversal, remote payload download/execute, persistence, or AI-agent config mutation found.
- Dynamic import/tsx usage loads package-owned Deco modules for Vite plugin/daemon integration.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/vite/plugin.jsView on unpkgPackage source references child process execution.
src/vite/plugin.jsView on unpkg · L33Package source invokes a package manager install command at runtime.
src/vite/plugin.jsView on unpkg · L419Package source references a known benign dynamic code generation pattern.
src/sdk/workerEntry.tsView on unpkg · L472