AI Security Review
scanned 16h ago · by lpm-firewall-ai

The only install-time mutation found is generation of a package-owned affiliate ID in the user's home directory. Runtime behavior builds MCP payment-required responses and optionally uses Stripe APIs with a caller-provided secret; no confirmed malicious attack surface is established.
Decision evidence
public snapshot
- `package.json` has `postinstall: node scripts/postinstall.js`.
- `scripts/postinstall.js` writes `~/.gadgethumans/affiliate_id` during install without an explicit prompt.
- Runtime `index.js` reads `~/.gadgethumans/affiliate_id` and includes it in payment metadata/402 responses.
- `index.js` creates/retrieves Stripe PaymentIntents when caller supplies a Stripe secret key.
- No code writes AI-agent control surfaces such as MCP config, Claude/Codex/Cursor settings, or slash commands.
- No `child_process`, `eval`/`vm`/`Function`, native binary loading, destructive actions, or persistence beyond the affiliate ID file were seen.
- Network/payment endpoints are package-aligned: Stripe SDK calls and `https://swarm.gadgethumans.com/api/x402/` in payment metadata.
- No credential harvesting or exfiltration found; Stripe secret is caller-supplied and used for Stripe API operations.
- Main observed behavior matches payment middleware purpose.
Source & flagged code
3 flagged
- `package.json`: Package defines install-time lifecycle scripts.
- `package.json`: Install-time lifecycle script is not statically allowlisted and needs review.
- `index.js`: This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.