AI Security Review
scanned 2h ago · by lpm-firewall-aiThe package is a self-hosted agent gateway with optional managed hosting and SAT mining/transaction capability. No unconsented install-time execution or foreign AI-agent configuration mutation was confirmed.
Decision evidence
public snapshot- `dist/mining/chat-command.js` maps explicit @mining start/stop requests to gateway methods.
- `dist/extensions/sat-mining/src/solana-submit.js` constructs and submits Solana capital/deposit/withdraw transactions.
- `scripts/start-managed.sh` starts a managed gateway, zrok tunnel, wallet setup, and can invoke privileged time-sync commands.
- The shipped runtime includes systemd-management modules and persistent managed-service support.
- `package.json` has no preinstall, install, or postinstall hook.
- `prepare` only sets a repository-local Git hooks path when inside a Git work tree.
- `fased.mjs` runs only when the CLI binary is invoked; package import `dist/index.js` parses commands only when main.
- `dist/infra/net/ssrf.js` blocks localhost, metadata hosts, private, internal, and special-use addresses.
- `dist/infra/git-commit.js` dynamic require is limited to local package/build metadata.
- No Unicode bidi/invisible control was found in `dist/tui/tui-formatters.js` by direct scan.
Source & flagged code
8 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/infra/git-commit.jsView on unpkg · L19Package source references weak cryptographic algorithms.
extensions/voice-call/src/webhook-security.tsView on unpkg · L76Source reaches cloud instance metadata or link-local credential endpoints.
dist/infra/net/ssrf.jsView on unpkg · L2Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/tui/tui-formatters.jsView on unpkg · L18Package ships non-JavaScript build or shell helper files.
scripts/start-managed.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/plugin-sdk/config-schema-aKPMn6ML.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/memory/inventory.jsView on unpkg