AI Security Review
scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is an MCP governance server with optional Claude Code hooks and a user-invoked environment-check tool; risky primitives are aligned with those advertised functions.
Decision evidence
public snapshot

- src/governance/grounding.ts writes local hook state under ~/.everystack/governance/grounding when the user installs hooks.
- src/gates/telemetry.ts appends local JSONL telemetry with rule/path metadata under ~/.everystack/governance.
- src/tools/check-environment.ts uses execSync for version probes including node, pnpm, git, npx expo, npx sst, aws, psql.
- package.json has no lifecycle scripts; bin is explicit CLI ./dist/index.cjs.
- src/index.ts starts a stdio MCP server or explicit governance subcommand; no install/import-time payload.
- src/index.ts and src/prompts/governance-setup.ts repeatedly require showing hook commands and human confirmation before editing .claude/settings.json.
- No credential contents are read or exfiltrated; AWS check only tests existence of ~/.aws credentials/config.
- No package-controlled network exfiltration endpoints found; URLs are documentation/setup guidance.
- dist/aws-setup.md secret-looking values are AWS documentation examples ending EXAMPLE/EXAMPLEKEY.
Source & flagged code
6 flagged

- Package contains a critical-looking secret pattern. (dist/aws-setup.md, L216)
- Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking. (dist/index.cjs, L1229)
- Package source references a known benign dynamic code generation pattern. (dist/index.cjs, L21553)
- AWS access key ID in src/resources/aws-setup.md. (src/resources/aws-setup.md, L216)