AI Security Review
scanned 1d ago · by lpm-firewall-ai
No confirmed malicious attack surface was established by source inspection. The risky primitives are package-aligned for a PWA-to-native wrapper CLI and are activated by explicit appwrap commands or by the generated app runtime.
Decision evidence
public snapshot
- package.json has no install/preinstall/postinstall lifecycle hooks; only prepack/postpack publish-time scripts
- src/cli.ts child_process use is in explicit CLI commands for NativeScript, bun, adb/xcrun/fastlane, curl, and publish workflows
- src/cli.ts writes native wrapper files, hooks/after-prepare, and .github/workflows only during user-invoked appwrap init/sync/build/deploy flows
- src/cli.ts dynamic imports load package manifest/capability data and user-selected appwrap config, not remote code
- runtime/app/shell handlers expose native app capabilities to the wrapped PWA and constrain fs paths to app sandbox roots
- No Claude/Codex/Cursor/MCP/agent control-surface writes or lifecycle persistence found
Source & flagged code
4 flagged
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/cli.ts: Package source invokes a package manager install command at runtime.
src/cli.ts · L1731: Package source references dynamic require/import behavior.
runtime/app/shell/handlers-extended.ts · L187