AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. The sensitive primitives are substantial but align with an installed OpenCode workflow plugin and user-invoked host sanitizer.
Decision evidence
public snapshot- dist/index.js config hook writes OpenCode agent files under OPENCODE_CONFIG_DIR/agents and sets default_agent.
- dist/sanitize_cli.js bin can SSH to a host and remove discovered Optima override markdown files after backup when user invokes it.
- dist/index.js contains ClickUp/GitHub API clients and local OpenCode/CDP automation endpoints.
- package.json has no install/preinstall/postinstall lifecycle hooks; prepack/build are publish-time scripts.
- README.md documents an OpenCode plugin for ClickUp/OpenCode/GitHub workflow automation and agent registration.
- dist/index.js network calls target package-aligned ClickUp/GitHub/OpenCode/CDP APIs and require runtime config/tokens.
- dist/index.js shell execution is git-focused and used by explicit Optima repair/worktree tools, not import-time payload execution.
- dist/sanitize_cli.js destructive removal is limited to discovered Optima override markdown files and creates a host backup first.
- scripts/optima-sanitize-host.js only imports the packaged CLI entrypoint.
Source & flagged code
5 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L14958Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L14402Package source references dynamic require/import behavior.
scripts/optima-sanitize-host.jsView on unpkg · L9Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/sanitize_cli.jsView on unpkg · L2592