AI Security Review
scanned 1h ago · by lpm-firewall-ai
No confirmed malicious attack surface. The package is a user-invoked local code review UI that reads VCS diffs, serves them on localhost, and can write review comments or viewed state by UI/API action.
Decision evidence
public snapshot
- dist/cli.js bin starts a local HTTP server and exposes comment/viewed mutation APIs when the user runs skepsis.
- dist/cli.js shells out to git/jj diff/show and opens a localhost browser as core functionality.
- package.json has no preinstall/install/postinstall lifecycle hooks; only bin skepsis points to dist/cli.js.
- README.md describes a local diff review UI that runs git/jj and writes inline review comments by user action.
- dist/cli.js network use is local server/browser URL; no external collection endpoint found.
- dist/cli.js child_process use is limited to git/jj diff/show, npx vite in --dev checkout mode, and OS URL opener.
- dist/cli.js writes viewed state under ~/.local/share/skepsis and comments into cwd files via explicit API/UI actions.
- Scanner eval hit is Zod feature detection new Function("") rather than payload execution.
Source & flagged code
7 flagged
Package source references child process execution.
dist/web/assets/php-UayGdYaW.js (L1): Source executes local commands and sends command output to an external endpoint.
dist/cli.js (L1): A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli.js (L1): A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli.js (L22348): Package source references dynamic require/import behavior.
dist/web/assets/sass-DXrisJhu.js (L1)