AI Security Review
scanned 1d ago · by lpm-firewall-aiNo confirmed malicious attack surface. Network and process execution are restricted to explicit CLI subcommands and generated project scaffolds.
Decision evidence
public snapshot- `package.json` has only `prepublishOnly`; no install-time hook.
- `bin/street.js` only loads metadata and dispatches explicit CLI commands.
- `dist/commands/create.js` fetches are emitted into generated app/test templates, not CLI credential uploads.
- `dist/commands/registry.js` sends a user-selected manifest/tarball only for explicit `registry publish`.
- `dist/commands/start.js` and `test.js` spawn user-requested local project commands.
- No AI-agent config paths, hidden persistence, eval/vm, or binary payloads found.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
dist/commands/start.jsView on unpkg · L2Package source invokes a package manager install command at runtime.
dist/commands/test.jsView on unpkg · L73Source appears to send environment or credential material to an external endpoint.
dist/commands/create.jsView on unpkg · L398A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/commands/create.jsView on unpkg · L398Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
dist/commands/generate.jsView on unpkg · L94