AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established by static source inspection. The risky primitives are GitHub CLI subprocess and project file writers exposed as user-invoked automation helpers.
Decision evidence
public snapshot- dist/scm/call.js and dist/release/spawn.js expose subprocess wrappers for gh/git/task-style workflows.
- dist/scm/gh-rest.js contains user-invoked GitHub REST mutation helpers such as restCreateIssue/restPostComment/restCloseIssue.
- dist/intake/issue-ingest.js writes vbrief JSON files from GitHub issue data when its CLI path is invoked.
- package.json has no install/preinstall/postinstall lifecycle hooks and no bin entry.
- dist/index.js only re-exports modules and engineInfo; no import-time network, shell, or file mutation observed.
- dist/scm/binary.js only resolves ghx/gh on PATH; no gated credential harvesting or sandbox evasion found.
- dist/intake/issue-ingest-cli.js runs only when directly executed via argv entrypoint check.
- dist/vbrief-validation/validation.js uses SHA-1 only for short slug collision suffixes, not security-sensitive crypto.
- Network and process.env use is aligned with GitHub/project automation features, not exfiltration.
Source & flagged code
3 flagged · loading sourcePackage source references weak cryptographic algorithms.
dist/vbrief-validation/validation.jsView on unpkg · L88Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/scm/binary.jsView on unpkg · L1This package version adds a dangerous source file absent from the previous stored version.
dist/intake/issue-ingest.jsView on unpkg