AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The risky primitives are explicit development/frontend utilities rather than install-time or import-time behavior.
Decision evidence
public snapshot- dist/commands/cli.js exposes user-invoked commands that run shell commands via exec/execSync/spawn shell:true.
- dist/commands/blueprint.js writes generated app route files from local blueprint JSON and a local stub.
- dist/api/api.js sends bearer-auth axios requests to NEXT_PUBLIC_API_HOST or caller-supplied url.
- package.json has no preinstall/install/postinstall lifecycle hooks and no bin entry.
- dist/index.js only exports utility modules; CLI code is not import-time executed.
- Shell commands are fixed development commands such as next, eslint, tsc, and npx barrelsby, activated by explicit CLI actions.
- No credential harvesting, hidden exfiltration endpoint, persistence, AI-agent control-surface writes, destructive behavior, or remote code loading found.
- Network behavior is package-aligned frontend API/socket use driven by app configuration or caller input.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/cli.jsView on unpkgPackage source references child process execution.
dist/commands/cli.jsView on unpkg · L6Package source invokes a package manager install command at runtime.
dist/commands/cli.jsView on unpkg · L40