AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface. This is an interactive virtual shell whose file, Git, and optional binary-execution capabilities require explicit runtime commands and host configuration.
Static reason
One or more suspicious static signals were detected.
Trigger
Consumer constructs `Shell` and runs a command; `.bin` execution additionally requires a host-provided `execBin`.
Impact
Can alter the configured virtual filesystem or contact a user-specified Git remote, consistent with package purpose.
Mechanism
User-directed virtual shell and Git command dispatch.
Rationale
Static inspection shows a purpose-aligned browser/virtual shell, not unsolicited payload execution. Scanner network and secret signals map to Git-shell functionality and ordinary token parsing rather than exfiltration or embedded secrets.
Evidence
package.jsondist/index.jsdist/index.d.tsREADME.md
Decision evidence
public snapshotAI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
- `dist/index.js` exposes an injected `execBin` callback for user-invoked `.bin` commands.
- `dist/index.js` supports user-requested Git fetch/pull/push, including URL-like remotes.
- Built-in shell commands can modify the configured virtual filesystem.
Evidence against
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- `dist/index.js` imports only `@riftydev` modules; no `child_process`, `eval`, `Function`, dynamic import, or network API is present.
- The executor is host-supplied and only reached after an explicit shell command resolves a `.bin` shim.
- No credential harvesting, external endpoint, persistence, AI-agent configuration write, or stealth import-time action was found.
Behavioral surface
ChildProcessFilesystemNetwork
HighEntropyStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
3700patternName = generic_password
severity = medium
line = 3700
matchedText = pwd: "pr...ry",
Medium
Findings
2 Medium3 Low
MediumSecret Patterndist/index.js
MediumNetwork
LowScripts Present
LowFilesystem
LowHigh Entropy Strings