AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious install-time attack surface was found. The package is an AI workflow/agent tool with user-invoked MCP/skill setup and a runtime Antigravity provider that disables agent permission prompts.
Decision evidence
public snapshot- packages/core/dist/providers/default-adapters.js runs agy with --dangerously-skip-permissions for antigravity adapters.
- packages/cli/dist/commands/init.js and install.js create/merge project .mcp.json with vsaf/gitnexus MCP entries.
- packages/cli/dist/commands/install.js user-invoked install can run npm/pipx/global gitnexus setup and deploy skills into .vsaf/skills.
- packages/core/dist/providers/command-provider.js executes configured provider commands with selected env keys.
- scripts/postinstall.js only links/copies packages/core/dist into node_modules/@vsaf/core inside the installed package.
- No install-time write to .mcp.json, .claude, home agent settings, shell startup, VCS hooks, or autostart found.
- Network calls are package-aligned LLM APIs or user-invoked installer dependency setup, not hidden exfiltration.
- Secret-looking strings in tests/docs are examples or empty config templates, not embedded live credentials.
Source & flagged code
41 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
skills/vds-skill/runtime/pdf_orchestrator/tests/conftest.pyView on unpkg · L194Package source references child process execution.
packages/core/dist/providers/command-provider.jsView on unpkg · L9Package source references shell execution.
skills/vds-skill/install-deps.mjsView on unpkg · L133Package source references dynamic require/import behavior.
scripts/postinstall.jsView on unpkg · L7Package source invokes a package manager install command at runtime.
packages/cli/dist/commands/install.jsView on unpkg · L93Package ships non-JavaScript build or shell helper files.
scripts/win-vm-prereqs.ps1View on unpkgPackage ships high-entropy non-source blobs.
skills/vds-skill/runtime/pdf_orchestrator/cli_verification_test/test.pdfView on unpkgPackage hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
skills/vds-skill/runtime/vds_cli/tests/unit/test_cli_DOC004.pyView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
packages/core/dist/providers/default-adapters.jsView on unpkgHardcoded password in skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.py
skills/vds-skill/runtime/vds_cli/tests/unit/test_cli.pyView on unpkg · L226Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L25Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L58Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L99Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L119Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L140Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L156Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L175Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L216Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L263Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L304Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L331Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L357Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_bulk_operations.pyView on unpkg · L385Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_application_properties.pyView on unpkg · L33Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L17Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L47Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L82Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L102Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L129Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L149Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L173Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L197Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L217Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_user_management.pyView on unpkg · L237Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_issue_archiving.pyView on unpkg · L33Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L22Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L55Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L85Hardcoded password in skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.py
skills/vds-skill/runtime/jira_orchestrator/tests/test_version_management.pyView on unpkg · L133