AI Security Review
scanned 5d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The risky primitives are part of documented OpenCode plugin, QA automation, ClickUp/GitHub integration, and explicit sanitize CLI behavior.
Decision evidence
public snapshot- dist/index.js writes OpenCode agent files and sets default_agent when plugin config hook runs
- dist/index.js exposes user-invoked QA script execution via new Function
- dist/sanitize_cli.js can mutate discovered Optima/OpenCode host metadata when its bin is explicitly run
- package.json has no install/preinstall/postinstall lifecycle hooks
- README.md describes an OpenCode plugin that installs and manages Optima agents and workflows
- dist/index.js network calls are aligned to configured ClickUp, GitHub, local OpenCode/CDP, and ChatGPT QA workflows
- scripts/optima-sanitize-host.js only imports the local source/dist CLI entrypoint
- dist/sanitize_cli.js remote ssh path is gated by explicit --host CLI option
- No import-time credential harvesting or exfiltration path found
Source & flagged code
5 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L14728Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L14172Package source references dynamic require/import behavior.
scripts/optima-sanitize-host.jsView on unpkg · L9Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/sanitize_cli.jsView on unpkg · L2592