AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package exposes an AI agent/workflow/client SDK with user-invoked network calls, sandboxing, MCP stdio, and local session storage as expected for this package domain.
Decision evidence
public snapshot- Exports include agent/sandbox/client APIs with user-invoked tool execution and MCP stdio support.
- dist/client.mjs posts tool executions to configured Keystroke platform URLs using env/API-key auth.
- dist/agent.mjs can create local session/memory files when an agent is explicitly run.
- package.json has no install/preinstall/postinstall lifecycle hooks and no bin entry.
- Entrypoints mostly re-export framework primitives; no import-time credential harvesting or exfiltration found.
- dist/dist-CkW_0ydn.mjs child_process spawn is MCP stdio transport with explicit command/options, shell:false.
- dist/js-exec-* is bundled just-bash sandbox runtime documentation/implementation, not auto-executed on install/import.
- Network endpoints are product-aligned: ai-gateway.vercel.sh, api.keystroke.ai, configured PLATFORM_URL/PUBLIC_PLATFORM_URL, localhost default.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
dist/chunk-4RUAZWKT-CISqwIli.mjsView on unpkg · L22357This package version adds a dangerous source file absent from the previous stored version.
dist/dist-CkW_0ydn.mjsView on unpkgPackage source references a known benign dynamic code generation pattern.
dist/chunk-TN7HHBQW-D_SK6w5n.cjsView on unpkg · L17Package source references dynamic require/import behavior.
dist/tr-36LHWFRQ-CJUEJlEm.cjsView on unpkg · L1Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/js-exec-N5KEZBH7-BuBt5sPH.cjsView on unpkg · L40