AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious install-time or import-time attack surface was found. Residual risk remains because the published main entry is deliberately obfuscated and includes reviewer/AI-directed prompt text.
Decision evidence
public snapshot- dist/index.js is intentionally obfuscated with a string-array loader and large opaque string table.
- dist/index.js banner contains an AI/LLM-directed refusal instruction, a reviewer prompt-injection signal.
- Main package entry is only obfuscated dist/index.js; unobfuscated matching source for that entry is not shipped.
- package.json has no install/preinstall/postinstall/prepare lifecycle hooks.
- bin/cli.mjs only user-invoked spawns Bun to run src/dev/serve.ts with supplied plugin dirs.
- src/dev/* network activity is local dev proxy/RPC on 127.0.0.1 plus optional user-configured S3_ENDPOINT for local asset storage.
- src/dev/preload.ts and sqlite-pool.ts implement Bun SQLite dev stubs; no credential harvesting or exfiltration found.
- README.md describes the same plugin SDK/dev-toolkit behavior observed in source.
Source & flagged code
8 flagged · loading sourceSource contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/index.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L1A single source file combines environment access, network access, and code or shell execution; review context before blocking.
src/dev/dev-host.tsView on unpkg · L135Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
shell/_build/.vite/manifest.json.gzView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
src/dev/sqlite-pool.tsView on unpkg