AI Security Review
scanned 7d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious install-time attack surface was found. The package is a desktop AI-agent orchestration app with broad runtime capability to start local agent sessions and integrate with Claude/Codex inside package-owned state.
Decision evidence
public snapshot- dist-electron/main.js spawns bundled server/server.js at runtime and polls localhost APIs.
- server/server.js is an AI-agent dashboard with tmux, Claude/Codex spawning, transcript parsing, and optional auto-merge/deacon services.
- server/server.js can initialize package-owned Codex homes under ~/.overdeck/agents/... and write agent MCP config under ~/.overdeck/conversations/... when enabled.
- Runtime network calls include GitHub updater, OpenRouter model/auth APIs, GitHub API, and OpenAI chat completions.
- package.json postinstall only runs electron-rebuild for node-pty and exits 0; no package code or agent-surface write runs on npm install.
- bin/overdeck.mjs only checks Node/server bundle and launches Electron with inherited stdio/env.
- No install-time writes to .mcp.json, CLAUDE.md, .claude commands/settings, Codex/Cursor settings, shell startup files, or VCS hooks found.
- Desktop auto-start uses Electron setLoginItemSettings only after user dialog/settings update, not during npm lifecycle.
- External update feed is configured to the package repository eltmon/overdeck with autoDownload=false.
Source & flagged code
10 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
server/public/assets/chunk-EIO257PC-DnXo63uH.jsView on unpkg · L22AWS access key ID in server/public/assets/chunk-EIO257PC-DnXo63uH.js
server/public/assets/chunk-EIO257PC-DnXo63uH.jsView on unpkg · L22Package source references dynamic require/import behavior.
dist-electron/preload.jsView on unpkg · L1Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
bin/overdeck.mjsView on unpkg · L58Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
server/public/assets/chunk-NNHCCRGN-oonlRMkZ.jsView on unpkg · L46Package ships high-entropy non-source blobs.
server/public/assets/space-grotesk-latin-ext-400-normal-CfP_5XZW.woff2View on unpkgPackage contains source files above the static scanner size ceiling.
server/server.jsView on unpkgGoogle API key in server/public/assets/chunk-ZUYEQ4TG-B82Qm37l.js
server/public/assets/chunk-ZUYEQ4TG-B82Qm37l.jsView on unpkg · L1