AI Security Review
scanned 14h ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package performs package-aligned browser automation and Python environment setup only after explicit CLI/runtime use; it has no npm install lifecycle hook.
Decision evidence
public snapshot- `dist/src/integrations/browser_use/PythonRuntime.js` can create a project `.venv` and invoke pip, but only through setup/runtime functions.
- `packages/browser-use/browser_use/browser/profile.py` includes extension-download helpers for browser automation.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `dist/src/cli/index.js` registers environment setup as the explicit `webpilot setup` command.
- Python setup installs the package's vendored `packages/browser-use` source from `requirements.txt`.
- No inspected import-time execution, credential harvesting, exfiltration, stealth persistence, or AI-agent configuration mutation was found.
- `dist/src/core/knowledge/RepoKnowledgeGraph.js` explicitly excludes `.cursor` during project scanning.
Source & flagged code
7 flagged · loading sourcePackage source references child process execution.
dist/src/core/CodegenPlaywrightValidator.jsView on unpkg · L36Package source invokes a package manager install command at runtime.
dist/src/cli/index.jsView on unpkg · L567This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/src/integrations/browser_use/PythonRuntime.jsView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/src/integrations/browser_use/PythonRuntime.jsView on unpkg · L42Package ships non-JavaScript build or shell helper files.
scripts/setup-python.shView on unpkgHardcoded password in docs/FRAMEWORK_GUIDE.md
docs/FRAMEWORK_GUIDE.mdView on unpkg · L702