AI Security Review
scanned 5d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a developer workflow CLI/dashboard with explicit user-invoked AI context generation, MCP setup, local transcript display, and update/install helpers.
Decision evidence
public snapshot- dist/commands/mcp.js explicit `mcp setup` writes NexusFlow MCP config into Cursor/VS Code/Claude config files.
- dist/server.js local API can run update/install commands and spawn editors or assistant CLIs after dashboard/API actions.
- dist/utils/session-finder.js reads local assistant session transcripts for Antigravity, Claude, Codex, and Copilot.
- package.json has only prepublishOnly build script; no preinstall/install/postinstall execution.
- dist/index.js only registers CLI commands, loads user-configured plugins, and performs a GitHub update check after command actions.
- dist/server.js binds dashboard server to 127.0.0.1 and restricts CORS to localhost origins.
- dist/server.js update download is restricted to GitHub/GitHubusercontent HTTPS hosts before installer execution.
- AI-agent config/context writes are package-aligned and triggered by explicit CLI/dashboard workspace actions, not install-time mutation.
- No credential exfiltration, remote payload execution, stealth persistence, or destructive install-time behavior found.
Source & flagged code
7 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/server.jsView on unpkgPackage source references dynamic require/import behavior.
dist/core/plugins/loader.jsView on unpkg · L19Package source references weak cryptographic algorithms.
dist/core/analysis-cache.jsView on unpkg · L11Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/utils/update-check.jsView on unpkg · L10Package source invokes a package manager install command at runtime.
dist/utils/update-check.jsView on unpkg · L130