AI Security Review
scanned 18h ago · by lpm-firewall-aiNo confirmed malicious attack surface. Sensitive filesystem, network, and subprocess actions are tied to explicit CLI commands for scaffolding, project execution, or registry use.
Decision evidence
public snapshot- package.json has only prepublishOnly; no install-time lifecycle hook.
- bin/street.js only loads reflect-metadata and dispatches user argv.
- dist/commands/create.js network calls are emitted into generated app templates, not run by the CLI.
- dist/commands/create.js runs npm only for explicit create actions; --install is opt-in.
- dist/commands/registry.js sends publisher-selected artifacts/token only to a user-selected registry.
- No credential harvesting, hidden exfiltration, persistence, or AI-agent config mutation found.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
dist/commands/start.jsView on unpkg · L2Package source invokes a package manager install command at runtime.
dist/commands/test.jsView on unpkg · L73Source appears to send environment or credential material to an external endpoint.
dist/commands/create.jsView on unpkg · L398A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/commands/create.jsView on unpkg · L398Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
dist/commands/generate.jsView on unpkg · L94