AI Security Review
scanned 2h ago · by lpm-firewall-ai

No confirmed malware behavior, but install-time persistence creates a package-owned affiliate ID in the user's home directory and later attaches it to payment flows. Runtime network calls are payment verification and Stripe operations aligned with the package's stated MCP payment middleware purpose.
Decision evidence
public snapshot
- package.json defines postinstall: node scripts/postinstall.js
- scripts/postinstall.js creates ~/.gadgethumans/affiliate_id during npm install
- index.js reads ~/.gadgethumans/affiliate_id and includes it in payment metadata/router verification
- index.js posts payment verification context to https://swarm.gadgethumans.com/api/x402/verify
- router.js logs payment data to x402_tx_log.jsonl when run directly
- No child_process, eval/vm/Function, native addon, or binary loading found
- Postinstall writes only a package-owned affiliate identifier, not broad AI-agent config
- No credential file/env harvesting observed; Stripe key is user-supplied and used with stripe SDK
- Network endpoints are payment-router/Stripe functionality aligned with package purpose
- No import-time execution beyond constants/helper definitions; middleware activates when user wraps an MCP server
Source & flagged code
3 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- This package version adds a dangerous source file absent from the previous stored version; route for source-aware review. (router.js)