AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established by install-time or import-time code. The risky primitives are package-aligned workflow/skill installation and provider command execution, activated by explicit CLI use.
Decision evidence
public snapshot- package.json declares install-time postinstall: node scripts/postinstall.js
- packages/cli/dist/commands/install.js can run npm, pipx, brew/apt/dnf, and write project .mcp.json/.claude/.vsaf paths when user invokes vsaf install
- packages/core/dist/providers/command-provider.js executes configured provider commands via execFile
- scripts/postinstall.js only links or copies packages/core/dist into node_modules/@vsaf/core under the install cwd
- postinstall does not read secrets, contact network endpoints, alter shell rc files, or write AI-agent home directories
- CLI package/dependency installation and skill deployment are behind explicit vsaf install/skill commands, not import-time or install-time behavior
- Command provider execution is workflow/config driven and uses execFile with bounded provider env plus secret redaction
- README documents VSAF as an AI workflow engine with skill-pack and MCP setup behavior
Source & flagged code
41 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
skills/vds-skill/runtime/pdf_orchestrator/tests/conftest.pyView on unpkg · L194Package source references child process execution.
packages/core/dist/providers/command-provider.jsView on unpkg · L9Package source references shell execution.
skills/vds-skill/install-deps.mjsView on unpkg · L133Package source references dynamic require/import behavior.
scripts/postinstall.jsView on unpkg · L7Package source invokes a package manager install command at runtime.
packages/cli/dist/commands/install.jsView on unpkg · L73Package ships non-JavaScript build or shell helper files.
skills/vds-skill/runtime/markdown_orchestrator/src/vds_markdown_orchestrator/__init__.pyView on unpkgPackage ships high-entropy non-source blobs.
skills/vds-skill/runtime/pdf_orchestrator/cli_verification_test/test.pdfView on unpkgPackage hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
skills/vds-skill/runtime/vds_cli/tests/unit/test_cli_DOC004.pyView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
packages/core/dist/providers/default-adapters.jsView on unpkgHardcoded password in skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.py
skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.pyView on unpkg · L226Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L25Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L58Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L99Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L119Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L140Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L156Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L175Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L216Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L263Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L304Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L331Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L357Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L385Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.pyView on unpkg · L33Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L17Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L47Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L82Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L102Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L129Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L149Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L173Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L197Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L217Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L237Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.pyView on unpkg · L33Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L22Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L55Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L85Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L133