AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is a user-invoked Modelgov CLI with local/project setup, diagnostics, and API administration commands.
Decision evidence
public snapshot- package.json has no lifecycle hooks; only a modelgov bin pointing to dist/index.js.
- Network use is explicit CLI behavior to configured/local Modelgov endpoints, e.g. /v1/explain, /v1/admin/keys, /v1/chat.
- child_process use runs browser open commands, docker compose, bash scripts, and version checks from user-invoked ops commands.
- File writes are project-scoped setup/reset actions: copy templates to .env and unlink .env only with reset --yes.
- Reads of .env/config files support doctor, smoke, and policy evaluation; no code path sends arbitrary env dumps or files to third-party hosts.
- No eval/vm/dynamic require, native binary loading, install-time execution, persistence, or AI-agent control-surface mutation found.
Source & flagged code
3 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L416Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L416