AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a developer CLI that performs user-invoked auth, deploy, local dev, MCP setup, update, and npm/npx verdict-gating actions.
Decision evidence
public snapshot- dist/commands/mcp.js can add a somewhere MCP server to Codex/Claude/Cursor configs when user runs `somewhere mcp install`.
- dist/commands/update.js runs `npm view` and `npm install -g @somewhere-tech/cli@latest` only from explicit `somewhere update`.
- dist/swpx/spawn.js delegates to real `npx`/`npm` after verdict checks.
- package.json has no install/postinstall/prepare hooks; prepublishOnly is publish-time build only.
- bin/somewhere.js, bin/swpx.js, and bin/swpm.js only import CLI entrypoints; no install-time execution.
- dist/commands/mcp.js writes stdio bridge entries without embedding tokens and is user-invoked.
- dist/lib/client.js and dist/swpx/verdict-client.js contact somewhere.tech endpoints aligned with CLI/auth/deploy/verdict features.
- dist/lib/config.js stores tokens under ~/.somewhere/config.json with mode 0600 and no exfiltration beyond authenticated API calls.
- Scanner-highlighted browser/update/dev/swpx files implement documented CLI features, not stealth persistence or harvesting.
Source & flagged code
5 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/local/runtime.jsView on unpkg · L36Package source invokes a package manager install command at runtime.
dist/commands/update.jsView on unpkg · L52This package version adds a dangerous source file absent from the previous stored version.
dist/commands/browser.jsView on unpkg