AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a Hiver agent-runtime CLI that starts local Docker-based sandboxes and a localhost inspector when invoked by the user.
Decision evidence
public snapshot- User-invoked commands spawn docker, node, open/xdg-open, and optional Docker installer in packages/commands/dist/docker.js.
- Explicit `hiver inspect --record` records sandbox directories/files to ~/.hiver/traces via packages/commands/dist/inspect/recorder.js.
- Inspector server exposes local routes that proxy sandbox terminal, files, config, events, and browser CDP in packages/inspector-server/dist/routes/*.js.
- package.json has no preinstall/install/postinstall lifecycle hooks; only bin `hiver` points to packages/commands/bin.js.
- packages/commands/bin.js only dispatches to built CLI under node, with DEV-only tsx fallback.
- Network use is package-aligned: local gateway/devtools URLs, user-supplied gateway URL, Docker docs/install URL, and bundled Google Fonts.
- Persistent writes are expected CLI state under ~/.hiver and only occur from explicit commands such as connect/up/inspect --record.
- Dynamic import in packages/commands/dist/cli.js is constrained to entries from a static command registry.
- No credential harvesting, stealth persistence, foreign AI-agent config mutation, or install-time execution found.
Source & flagged code
3 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
packages/inspector-client/dist/assets/index-C7jf9Qob.jsView on unpkg · L45Package contains source files above the static scanner size ceiling.
packages/inspector-client/dist/assets/monacoThemes-Bv3OLDiv.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
packages/commands/dist/inspect/index.jsView on unpkg