AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package has install-time hooks, but inspected behavior is package-aligned cleanup, hotfixing, and plugin registry migration for a large AI gateway CLI.
Decision evidence
public snapshot- package.json defines install hooks: preinstall and postinstall
- scripts/postinstall-bundled-plugins.mjs can remove stale dist/plugin-runtime-deps files and patch node_modules/baileys during install
- scripts/postinstall-bundled-plugins.mjs dynamically imports dist/commands/doctor/shared/plugin-registry-migration.js if present
- dist/systemd-D1cMFGus.js contains systemd service install/control code for runtime daemon setup
- scripts/preinstall-package-manager-warning.mjs only detects package manager and prints a warning
- postinstall operations are bounded to package dist, legacy aivibeclaw plugin state, compile cache, or package node_modules hotfix paths
- No postinstall network calls, credential harvesting, or unconsented AI-agent control-surface writes found
- aivibeclaw.mjs is a CLI launcher that imports packaged dist entrypoints on user invocation
- Scanner secret/unicode hits map to bundled dependency/runtime data and Unicode regex tables, not confirmed payloads
Source & flagged code
19 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
dist/dist-CdD4a7gg.jsView on unpkg · L5588Hardcoded password in dist/dist-CdD4a7gg.js
dist/dist-CdD4a7gg.jsView on unpkg · L13656Hardcoded password in dist/dist-CdD4a7gg.js
dist/dist-CdD4a7gg.jsView on unpkg · L21205Package source references dynamic require/import behavior.
scripts/postinstall-bundled-plugins.mjsView on unpkg · L818Package source references weak cryptographic algorithms.
dist/clawhub-D9h8o5bB.jsView on unpkg · L13Source writes installer persistence such as shell profile or service configuration.
dist/systemd-D1cMFGus.jsView on unpkg · L104Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/control-ui/assets/config-runtime-Chws_C6h.jsView on unpkg · L2Package ships non-JavaScript build or shell helper files.
skills/model-usage/scripts/test_model_usage.pyView on unpkgHardcoded password in dist/proxy-cli.runtime-DARm2C1E.js
dist/proxy-cli.runtime-DARm2C1E.jsView on unpkg · L856Hardcoded password in docs/gateway/tailscale.md
docs/gateway/tailscale.mdView on unpkg · L118Hardcoded password in docs/gateway/configuration-reference.md
docs/gateway/configuration-reference.mdView on unpkg · L515Hardcoded password in docs/gateway/configuration-reference.md
docs/gateway/configuration-reference.mdView on unpkg · L545Hardcoded password in docs/gateway/config-channels.md
docs/gateway/config-channels.mdView on unpkg · L756Hardcoded password in docs/channels/matrix.md
docs/channels/matrix.mdView on unpkg · L74