AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is a user-invoked NativeScript/PWA wrapper CLI with broad but package-aligned build, device, CI scaffold, and native bridge capabilities.
Decision evidence
public snapshot- src/cli.ts uses execFileSync/spawn for ns, bun, adb, xcrun, fastlane, curl, and bunx commands.
- src/cli.ts copyCiTemplates can write .github/workflows and native/fastlane during appwrap init.
- src/cli.ts vendorBackendAssets fetches user-configured backendOrigin/vendorPaths with curl into generated www-src.
- runtime/app/shell/handlers-fs.ts and handlers-extended.ts expose app-sandbox file, clipboard, scanner, secure-storage, and native capability bridge handlers.
- package.json has no install/postinstall/preinstall lifecycle hooks; bin is user-invoked appwrap CLI.
- scripts/stage-assets.mjs only stages bundled runtime/templates for packaging via prepack, not consumer install.
- src/cli.ts command execution is tied to explicit CLI actions such as init, sync, dev, build, deploy, publish, clean, logs.
- No evidence of credential harvesting, hardcoded exfiltration endpoint, persistence outside generated app/project files, or AI-agent control-surface writes.
- runtime/package.json dependencies are NativeScript/runtime-aligned; dynamic require loads @nativescript/secure-storage for secure storage.
- Network URLs are user-provided config/dev/server values or package repository metadata, not covert destinations.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/cli.tsView on unpkgPackage source invokes a package manager install command at runtime.
src/cli.tsView on unpkg · L1819Package source references dynamic require/import behavior.
runtime/app/shell/handlers-extended.tsView on unpkg · L187