AI Security Review
scanned 14d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package exposes a VM runtime that can spawn local helper binaries, manage VM files, and optionally download gvproxy when a user boots networking.
Decision evidence
public snapshot- package.json has no install/preinstall/postinstall lifecycle scripts and exports only dist/index.js.
- dist/index.js child_process use is in exported VM/runtime APIs: PTY shim, tar file transfer, VMM/gvproxy spawning, native helpers.
- Dynamic require only resolves platform optional @machinen/native-* helper packages or self-import for restore/fork logic.
- Only outbound fetch downloads gvproxy v0.8.6 from GitHub during user-invoked VM networking setup, not install/import.
- Filesystem writes are runtime cache/registry/snapshot artifacts under .machinen/tmp paths, aligned with VM management.
- No credential harvesting, secret env probes, obfuscated payloads, persistence hooks, or AI-agent control-surface writes found.
Source & flagged code
4 flagged · loading sourceSource combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L6925Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L498