AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. Risky primitives are framework CLI/database/code-generation features activated by explicit user commands, not install-time behavior.
Decision evidence
public snapshot- dist/commands/cli.js exposes user-invoked commands that spawn shell commands with shell:true
- dist/commands/runner/barrels.js runs bunx barrelsby when barrels/watch:barrels CLI actions are invoked
- dist/commands/runner/migration.js and da-migration.js dynamically import project migration files and can drop database tables on explicit fresh commands
- package.json has no install/preinstall/postinstall lifecycle hooks and no bin entry
- dist/index.js only re-exports modules; no network, shell, or file mutation occurs on import beyond module initialization
- Network/database endpoints are local or env-configured DB targets, not hardcoded exfiltration endpoints
- Project file writes are framework code generation/storage/logging paths under app, database, storage, docs, or blueprints
- No AI-agent control-surface writes, credential harvesting, persistence, or remote payload loading found
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/commands/runner/da-migration.jsView on unpkg · L163Package source references dynamic require/import behavior.
dist/commands/runner/da-migration.jsView on unpkg · L31This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/cli.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/commands/runner/barrels.jsView on unpkg · L19