AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a deployment CLI with user-invoked commands that scaffold repos, read local env/secrets, call provider APIs, and reconcile infrastructure.
Decision evidence
public snapshot- dist/apply/apply.command.js can POST to a reconcileWebhook URL from the user-provided artifact
- dist/resolve/resolve.js dynamically imports the user-selected deploy config
- dist/init/init.js and dist/demo.js invoke git/pnpm/docker/ssh workflows when CLI commands are run
- package.json has no npm lifecycle hooks; bin only maps intentic to dist/cli.js
- dist/cli.js only starts the Stricli CLI and imports dist/app.js
- Child process and file writes are tied to documented user-invoked init/adopt/apply/demo commands
- Network calls are package-aligned deployment/provider operations to Cloudflare, Forgejo, local services, or configured webhooks
- No evidence of credential harvesting, install-time execution, persistence, AI-agent control-surface writes, or obfuscated staged payloads
Source & flagged code
4 flagged · loading sourcePackage source references child process execution.
dist/init/scaffold-app.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/resolve/resolve.jsView on unpkg · L6A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/demo.jsView on unpkg · L29Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/demo.jsView on unpkg · L29