AI Security Review
scanned 15d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a CLI toolkit that bootstraps LaunchSecure projects, configures local MCP entries, provisions optional Cloudflare access, and runs user-invoked agent/worktree automation.
Decision evidence
public snapshot- dist/server/cli.js writes .mcp.json and .codex/config.toml with LaunchSecure MCP entries during user CLI flow
- dist/server/cli.js can spawn unattended Claude sessions for radar feedback handling with dangerouslySkipPermissions
- dist/server/orbit-entry.js runs git, package-manager install, prisma, tsc, lint, and build commands in worktrees
- package.json has no install/preinstall/postinstall lifecycle hooks
- Risky behavior is exposed through declared bins, not import-time or install-time execution
- dist/server/init-entry.js Cloudflare and LaunchSecure calls use user-supplied LS_PAT/cloud tokens for documented setup/provisioning
- dist/server/cli.js token persistence writes local ~/.claude/.radar-oauth-token; no credential harvesting loop or arbitrary exfiltration found
- Network hosts are package-aligned: launchsecure-v2.vercel.app, api.cloudflare.com, configured LS_SERVER_URL/LAUNCHSECURE_URL
- No obfuscated payload, persistence outside declared config, destructive filesystem action, or dependency-confusion behavior found
Source & flagged code
12 flagged · loading sourcePackage source references child process execution.
dist/server/orbit-entry.jsView on unpkg · L35Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/server/orbit-entry.jsView on unpkg · L35Package source invokes a package manager install command at runtime.
dist/server/orbit-entry.jsView on unpkg · L1594Package source references dynamic require/import behavior.
dist/server/orbit-entry.jsView on unpkg · L59A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/server/rover-entry.jsView on unpkg · L1851Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/server/rover-entry.jsView on unpkg · L37Source writes installer persistence such as shell profile or service configuration.
dist/server/rover-entry.jsView on unpkg · L37Package source references weak cryptographic algorithms.
dist/server/rover-entry.jsView on unpkg · L37Source appears to send environment or credential material to an external endpoint.
dist/server/cli.jsView on unpkg · L241A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/server/cli.jsView on unpkg · L241Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/server/council-entry.jsView on unpkg · L1423Package ships non-JavaScript build or shell helper files.
scaffolds/migrate-safety/scripts/migrate-with-backup.shView on unpkg