AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. Lifecycle hooks perform package-aligned warnings, git hook setup for source checkouts, dist cleanup/hotfixes, and AivibeClaw plugin registry migration without observed exfiltration.
Decision evidence
public snapshot- Install lifecycle scripts exist: preinstall, prepare, postinstall in package.json.
- postinstall can delete stale package dist files and legacy plugin dependency dirs with root/symlink safety checks.
- postinstall can migrate installed plugin registry into the AivibeClaw state SQLite DB.
- prepare runs git config core.hooksPath only when a git worktree and git-hooks dir exist.
- preinstall only emits a non-pnpm warning; no network or file writes.
- postinstall comments and code say plugin deps are not installed during lifecycle; no npm/network execution seen.
- postinstall path operations are bounded by package dist, node_modules/baileys hotfix, or AivibeClaw state migration/cleanup.
- dist/index.js only loads CLI runtime when main; import path is inert aside from dynamic import of library exports.
- Scanner secret/unicode hits appear to be bundled dependency/runtime code; no hardcoded exfiltration credential or Trojan Source control found in inspected file.
Source & flagged code
21 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
dist/dist-CdD4a7gg.jsView on unpkg · L5588Hardcoded password in dist/dist-CdD4a7gg.js
dist/dist-CdD4a7gg.jsView on unpkg · L13656Hardcoded password in dist/dist-CdD4a7gg.js
dist/dist-CdD4a7gg.jsView on unpkg · L21205Package source references dynamic require/import behavior.
scripts/postinstall-bundled-plugins.mjsView on unpkg · L818Source writes installer persistence such as shell profile or service configuration.
dist/launchd-DrKxjPQa.jsView on unpkg · L20Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/control-ui/assets/config-runtime-Chws_C6h.jsView on unpkg · L2Package ships non-JavaScript build or shell helper files.
deploy/announce-control-center.shView on unpkgPackage ships high-entropy non-source blobs.
apps/zoozoo-android/gradle/wrapper/gradle-wrapper.jarView on unpkgPackage ships compressed or archive-like blobs.
apps/zoozoo-android/gradle/wrapper/gradle-wrapper.jarView on unpkgPackage ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.
apps/zoozoo-android/gradle/wrapper/gradle-wrapper.jarView on unpkgHardcoded password in dist/proxy-cli.runtime-BwJDobZm.js
dist/proxy-cli.runtime-BwJDobZm.jsView on unpkg · L856Hardcoded password in docs/gateway/tailscale.md
docs/gateway/tailscale.mdView on unpkg · L118Hardcoded password in docs/gateway/configuration-reference.md
docs/gateway/configuration-reference.mdView on unpkg · L515Hardcoded password in docs/gateway/configuration-reference.md
docs/gateway/configuration-reference.mdView on unpkg · L545Hardcoded password in docs/gateway/config-channels.md
docs/gateway/config-channels.mdView on unpkg · L756Hardcoded password in docs/channels/matrix.md
docs/channels/matrix.mdView on unpkg · L74