AI Security Review
scanned 6d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package provides plugin/connectors, local API, sandbox, webhook, and process-management primitives that are runtime/user-invoked and package-aligned.
Decision evidence
public snapshot- package.json has no preinstall/install/postinstall hooks and only exports ./dist/index.js and ./dist/services/node.js.
- dist/index.js guardedFetch enforces declared network capabilities before calling injected/global fetch.
- dist/index.js connectors use declared secrets and hosts for Slack, GitHub, Notion, Airtable, Linear and webhook actions.
- dist/services/node.js LocalAPIServer binds to 127.0.0.1 by default and uses bearer/scoped token checks when configured.
- dist/services/node.js ScriptSandbox validates AST, blocks eval/import/require/process/fetch globals, and shadows dangerous globals before new Function.
- dist/services/node.js child_process spawn is in a user-invoked ManagedProcess abstraction using caller-supplied service definitions, not install/import-time execution.
Source & flagged code
3 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L8741Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/services/node.jsView on unpkg · L2