AI Security Review
scanned 4h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package provides a host-invoked local plugin framework that may load configured extension modules and access workspace files through its API.
Static reason
No blocking static signals were detected.
Trigger
A host application explicitly provisions or loads workspace/PI plugins at runtime.
Impact
Host-configured plugin code can run with the host application's permissions; this package does not itself establish exfiltration or install-time mutation.
Mechanism
Configured local plugin discovery and dynamic module import.
Rationale
The flagged primitives implement the advertised workspace and agent-plugin framework, are activated by host runtime configuration, and remote PI sources are explicitly excluded. There is no lifecycle execution or concrete malicious chain in the inspected package source.
Evidence
package.jsondist/server.jsdist/app-server.jsdist/WorkspaceProvider-U4izhS84.js
Decision evidence
public snapshotAI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
- `dist/app-server.js` discovers configured local `.pi` plugin directories, including `~/.pi/agent/extensions`.
- `dist/server.js` dynamically imports server plugin modules supplied by the host/plugin configuration.
Evidence against
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle hook.
- `dist/app-server.js` rejects `npm:`, `git:`, `github:`, `http:`, `https:`, and `ssh:` sources when resolving PI settings.
- No `child_process`, shell execution, credential harvesting, or outbound hard-coded endpoint was found in distributed runtime files.
- Filesystem write/removal paths in `dist/app-server.js` support workspace/plugin error and provisioning operations rather than install-time persistence.
Behavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/server.jsView file
2250import { dirname as dirname2, join as join2 } from "path";
L2251: var require2 = createRequire(import.meta.url);
L2252: function resolveBoringPiRoot(override) {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/server.jsView on unpkg · L2250Findings
3 Medium4 Low
MediumDynamic Requiredist/server.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings