Stateless, task-oriented AI agent core
No confirmed malicious attack surface. Runtime agent capabilities are exposed only through explicit API or CLI use, and the inspected web tool includes SSRF and redirect controls.
Package source references child process execution.
dist/core/session-store.jsView on unpkg · L95Package source references a known benign dynamic code generation pattern.
dist/core/auto-promote.jsView on unpkg · L32Source matches reverse-shell style process and socket wiring.
dist/core/auto-mode-prompt-assets.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/core/auto-mode-prompt-assets.jsView on unpkg · L1Package source references child process execution.
dist/core/session-store.jsView on unpkg · L95Package source references a known benign dynamic code generation pattern.
dist/core/auto-promote.jsView on unpkg · L32Source matches reverse-shell style process and socket wiring.
dist/core/auto-mode-prompt-assets.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/core/auto-mode-prompt-assets.jsView on unpkg · L1