AI Security Review
scanned 6d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is an AI workspace/CLI tool with explicit commands that generate workspace context files, configure MCP, run git/PM2/editor commands, and check for updates.
Decision evidence
public snapshot- dist/commands/mcp.js user-invoked setup writes MCP config for Cursor, VS Code, and Claude Desktop
- dist/core/workspace.js creates workspace-local .cursor/mcp.json and AI context files during workspace creation
- dist/utils/update-check.js contacts GitHub releases and npm registry after CLI actions
- dist/core/plugins/loader.js dynamically imports user-configured plugin paths
- package.json has no install/postinstall/prepare hook; only prepublishOnly build is publisher-side
- dist/index.js only registers CLI commands and update check postAction, not install-time mutation
- AI files CLAUDE.md, AGENTS.md, Cursor and Copilot rules are generated in explicit NexusFlow workspaces
- MCP global config mutation is behind explicit nexusflow mcp setup command, not automatic lifecycle execution
- No credential harvesting or exfiltration endpoints found; local LLM endpoints are user-configured and validated
- Shell/child process use is package-aligned for git, editors, PM2, browser opening, and tool version checks
Source & flagged code
7 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/server.jsView on unpkgPackage source references dynamic require/import behavior.
dist/core/plugins/loader.jsView on unpkg · L19Package source references weak cryptographic algorithms.
dist/core/analysis-cache.jsView on unpkg · L11Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/utils/update-check.jsView on unpkg · L10Package source invokes a package manager install command at runtime.
dist/utils/update-check.jsView on unpkg · L130