AI Security Review
scanned 5d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is an agent workflow CLI/UI with expected user-invoked file, shell, and network capabilities; install-time behavior is limited to copying bundled reference documentation.
Decision evidence
public snapshot- package.json defines postinstall: node bin/ensure-workspace-reference.mjs
- bin/lib/api-runner.mjs exposes LLM tools that can read/write files and run shell commands when an API-backed agent node is executed
- bin/lib/ui-server.mjs can write Cursor MCP config via authenticated/local UI endpoints
- bin/ensure-workspace-reference.mjs only copies bundled reference/*.md into .workspace/agentflow/reference and skips package root
- bin/agentflow.mjs is a CLI wrapper; no hidden import-time payload found
- Shell execution in bin/pipeline/run-tool-nodejs.mjs and bin/lib/api-runner.mjs is user/flow-invoked agent orchestration behavior
- Network calls are aligned with documented features: model APIs, hub/marketplace, GitLab MR creation, update notifier
- No credential harvesting/exfiltration, destructive lifecycle action, persistence payload, or reviewer/prompt manipulation found
Source & flagged code
8 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
bin/pipeline/post-process-node.mjsView on unpkg · L12Package source references a known benign dynamic code generation pattern.
builtin/web-ui/dist/assets/index-DgQRkS4v.jsView on unpkg · L39Package source references dynamic require/import behavior.
bin/agentflow.mjsView on unpkg · L16Package source references weak cryptographic algorithms.
bin/pipeline/compute-cache-md5.mjsView on unpkg · L33A single source file combines environment access, network access, and code or shell execution; review context before blocking.
bin/lib/api-runner.mjsView on unpkg · L9This package version adds a dangerous source file absent from the previous stored version.
bin/lib/ui-server.mjsView on unpkg