AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. Shell, filesystem, and network primitives are limited to explicit framework CLI actions and caller-configured application API requests.
Decision evidence
public snapshot- `dist/commands/cli.js` uses shell execution, but only inside explicit CLI command handlers.
- `dist/commands/cli.js` runs `npx barrelsby` and a local icon-generator path during user-invoked build/watch commands.
- `dist/api/api.js` can send bearer headers to a caller-provided URL or `NEXT_PUBLIC_API_HOST`.
- `package.json` has no preinstall, install, postinstall, prepare, or bin entrypoint.
- `dist/index.js` only re-exports modules; importing it does not start the CLI.
- No eval, VM, dynamic module loading, credential harvesting, destructive deletion, or agent-control writes were found.
- CLI file writes are scoped to explicit project-generation commands (`components/index.ts`, `app/<route>/page.tsx`, `public/pdf.worker.min.mjs`).
- Network use is an application API helper configured by caller props/environment, not a fixed exfiltration endpoint.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/cli.jsView on unpkgPackage source references child process execution.
dist/commands/cli.jsView on unpkg · L6Package source invokes a package manager install command at runtime.
dist/commands/cli.jsView on unpkg · L115