AI Security Review
scanned 5d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is an AI workspace tool with user-invoked agent/MCP integration and local development automation.
Decision evidence
public snapshot- dist/commands/mcp.js can user-invoked write NexusFlow MCP entries into Cursor/VS Code/Claude configs
- dist/core/workspace.js creates workspace-local .cursor/mcp.json using npx -y @mrpatronz/nexusflow mcp run
- dist/generators/skills-generator.js writes assistant skill/rule files under the created workspace
- dist/server.js exposes local GUI routes that can install/update known tools when invoked
- package.json has no install/postinstall/prepare hook; only prepublishOnly build
- AI/MCP files are generated by explicit CLI/UI workspace actions, not lifecycle/import-time execution
- MCP and assistant artifacts are package-aligned and workspace-scoped except explicit mcp setup command
- No credential harvesting or secret exfiltration found in inspected source
- Network use is update/local-LLM/package-registry aligned: GitHub releases, npm registry, localhost/private endpoints
- Dynamic import is plugin loading from configured user paths, not remote code loading
Source & flagged code
7 flagged · loading sourcePackage source references child process execution.
dist/core/worktree.test.jsView on unpkg · L2Package source references dynamic require/import behavior.
dist/core/plugins/loader.jsView on unpkg · L19Package source references weak cryptographic algorithms.
dist/core/analysis-cache.jsView on unpkg · L11Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/utils/update-check.jsView on unpkg · L10Package source invokes a package manager install command at runtime.
dist/utils/update-check.jsView on unpkg · L130This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/server.jsView on unpkg