AI Security Review
scanned 2d ago · by lpm-firewall-aiLong-running `iicp-node serve` and `mcp-gateway` processes enable a default-on background self-updater. It can replace the globally installed package with the npm `latest` release and restart the process.
Decision evidence
public snapshot- `dist/cli.js` starts a default-on auto-updater for long-running provider commands.
- `dist/updater.js` fetches npm latest metadata and runs `npm install -g @iicp/client@latest`.
- `dist/updater.js` detaches and re-executes the CLI after a successful upgrade.
- `dist/cli.js` also offers explicit service-unit installation and optional dependency installation.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- The update target is the package's own npm name and registry endpoint, not an unrelated payload host.
- Filesystem writes inspected are operator/node configuration, locks, logs, or explicit service units.
- No source evidence of credential harvesting, secret exfiltration, destructive actions, or AI-agent configuration mutation.
Source & flagged code
5 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
dist/node.jsView on unpkg · L803Package source references dynamic require/import behavior.
dist/client.jsView on unpkg · L7This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/cli.jsView on unpkg · L415