AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious install-time or import-time behavior. Real risk remains because MCP/CLI user-controlled parameters are interpolated into shell commands executed with execSync.
Decision evidence
public snapshot- src/core/dotnet.js builds shell commands with projectName/output/options and runs execSync
- src/mcp-server.mjs exposes create_project/reinstall_template over MCP, reaching shell-backed dotnet operations
- src/core/dotnet.js downloads and executes dotnet-install scripts from builds.dotnet.microsoft.com on user command
- src/commands/update.js runs npm install -g @yearhe9900/mb-toolbox-cli@latest when update command is invoked
- package.json has no preinstall/install/postinstall lifecycle scripts
- No import-time execution beyond CLI/MCP entrypoint startup
- No credential, env, SSH, or broad filesystem harvesting found by source search
- Network use is for Microsoft dotnet install scripts, configured NuGet source, or npm self-update
- Config writes are limited to ~/.mb-cli/config.json for user-provided NuGet source
Source & flagged code
6 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/core/dotnet.jsView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
src/core/dotnet.jsView on unpkg · L6Package source references dynamic require/import behavior.
src/core/create.jsView on unpkg · L12Package source invokes a package manager install command at runtime.
src/commands/update.jsView on unpkg · L11