AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. User-invoked setup and bootstrap can add this first-party MCP server to Cursor/Claude workspace configuration and store Minicor auth tokens locally. This is agent extension lifecycle risk, but not malicious because it is explicit setup for the advertised MCP/RPA product and not an install-time hijack.
Decision evidence
public snapshot- dist/setup.js explicit setup writes ~/.cursor/mcp.json and ~/.minicor/tokens.json after login
- dist/bootstrap.js user-invoked bootstrap writes CLAUDE.md, .claude/settings.local.json, .cursor/rules/workspace.mdc
- dist/index.js registers MCP tools that can manage workflows, VMs, agents, skills, and sessions
- dist/setup.js uses child_process.exec only to open local setup URL in browser
- package.json has no preinstall/install/postinstall; only prepare runs tsc build
- dist/lib.js library entry has no import-time side effects beyond exports
- Network calls are to package-aligned Minicor/Laminar APIs for auth, workspaces, VM, skills, middleware, and 2FA
- Stored tokens are written locally with mode 0600 and used as bearer auth to configured platform endpoints
- No credential harvesting, hidden exfiltration endpoint, remote payload loader, destructive install action, or stealth persistence found
Source & flagged code
4 flagged · loading sourcedist/setup.js explicit setup writes ~/.cursor/mcp.json and ~/.minicor/tokens.json after login
dist/setup.jsView on unpkgdist/setup.js uses child_process.exec only to open local setup URL in browser
dist/setup.jsView on unpkgdist/bootstrap.js user-invoked bootstrap writes CLAUDE.md, .claude/settings.local.json, .cursor/rules/workspace.mdc
dist/bootstrap.jsView on unpkgdist/index.js registers MCP tools that can manage workflows, VMs, agents, skills, and sessions
dist/index.jsView on unpkg