AI Security Review
scanned 2d ago · by lpm-firewall-ai
No confirmed malicious attack surface is established. The package is a deployment/update/admin CLI with user-invoked AWS, Expo, SST, and audit operations.
Decision evidence
public snapshot
- package.json exposes a CLI bin and prepublishOnly build script, but no install/postinstall lifecycle hook.
- src/cli/commands/deploy.ts and src/cli/utils/export.ts spawn npx/sst/expo only when explicit CLI commands run.
- src/cli/commands/lighthouse.ts runs curl/npx lighthouse only for audit:lighthouse against a user/resolved URL.
- src/cli/commands/update.ts loads SST secrets into env during user-invoked update, then uploads app artifacts to configured AWS resources.
- src/env.ts dynamically requires user env.config.js for documented env filtering; no hidden remote payload found.
- No install-time or import-time exfiltration path found in package.json or main/bin entrypoints.
- Network use is package-aligned: AWS SDK, configured HOST_URL/EVERYSTACK_URL, user-supplied audit URLs, and internal handler URLs.
- Secrets commands read/write SST secrets for explicit list/get/set/import/export operations; they do not send secrets to an unrelated endpoint.
- Shell/child_process use is limited to documented CLI workflows, not automatic execution.
- No persistence, destructive system changes, AI-agent control-surface writes, obfuscated payloads, or credential harvesting loop found.
Source & flagged code
5 flagged
- Package source references child process execution. (src/cli/utils/export.ts · L1)
- Package source references dynamic require/import behavior. (src/env.js · L8)
- Package source references weak cryptographic algorithms. (src/handler/signing.ts · L2)
- Package source invokes a package manager install command at runtime. (src/cli/commands/lighthouse.ts · L8)
- This package version adds a dangerous source file absent from the previous stored version; route for source-aware review. (src/cli/commands/deploy.ts)