AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a local AI workspace application with powerful user-invoked server tools, update, terminal, and provider connectivity.
Decision evidence
public snapshot- server/tools/index.mjs implements write_file/edit_file/run_command primitives
- server/update-supervisor.mjs can run npm install -g during user-triggered update
- server/index.mjs defaults to 0.0.0.0 with LAN sharing enabled
- package.json has no lifecycle scripts; main/bin are only import or user CLI entrypoints
- bin/quickforge.mjs starts/stops server and checks registry only on CLI commands
- server/index.mjs gates remote non-share API behind LAN token and terminal is localhost-only
- server/tools/index.mjs confines file tools to workspace and excludes sensitive files from grep
- server/routes/tools.mjs requires full-access setting for direct write/run/plugin tools
- network use is update checks, localhost health, user-configured model/MCP providers
Source & flagged code
7 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/assets/pdf.worker.min-Cpi8b8z3.mjsView on unpkg · L24Package source references a known benign dynamic code generation pattern.
dist/assets/pdf.worker.min-Cpi8b8z3.mjsView on unpkg · L24Package source invokes a package manager install command at runtime.
server/update-supervisor.mjsView on unpkg · L89Package contains source files above the static scanner size ceiling.
dist/assets/pi-web-ui-CBet4bMl.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
dist/assets/index-DiaCCmXE.jsView on unpkg