AI Security Review
scanned 4d ago · by lpm-firewall-aiThe package provides an OpenCode workflow plugin with powerful agent tools for browser automation, ClickUp/GitHub integration, and local configuration writes. These are high-risk capabilities but appear package-aligned and activated by plugin/tool/CLI use rather than install or import.
Decision evidence
public snapshot- dist/index.js exposes optima_qa_chrome_command that runs user/agent supplied JS via new Function against Playwright/CDP browser pages.
- dist/index.js can connect to local Chrome DevTools at http://127.0.0.1:9223 and open/use https://chatgpt.com/ tabs.
- dist/index.js config hook writes generated OpenCode agent markdown under OPENCODE_CONFIG_DIR unless disabled.
- dist/index.js includes ClickUp and GitHub API clients that can update tasks, comments, PRs, refs, and repository contents when configured with tokens.
- dist/index.js can start/restart a configured user systemd service for QA Chrome when qa.autostart is enabled.
- package.json has no install/postinstall/preinstall lifecycle hook; prepack is publish-time only.
- dist/index.js exports an OpenCode plugin; risky actions are exposed as named runtime tools/config behavior, not import-time execution.
- Network endpoints are aligned with documented workflow integrations: ClickUp, GitHub, local OpenCode/CDP, and ChatGPT QA browser usage.
- scripts/optima-sanitize-host.js only imports the sanitize CLI; dist/sanitize_cli.js main runs only when invoked as the bin script.
- No credential harvesting or covert exfiltration path found beyond configured API tokens used for their matching services.
- No obfuscated strings, dropped binaries, persistence implant, dependency-confusion pattern, or destructive install-time behavior found.
Source & flagged code
5 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L14979Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L14423Package source references dynamic require/import behavior.
scripts/optima-sanitize-host.jsView on unpkg · L9Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/sanitize_cli.jsView on unpkg · L2592