AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious install-time or import-time attack surface was found. Risky primitives are package-aligned downloader/web UI behavior, with a notable privacy concern from hardcoded Telegram bot notifications.
Decision evidence
public snapshot- src/notify.js uses a hardcoded Telegram bot token for user-configured notifications, so notification contents go through a bot controlled by that token holder.
- cookiereader.py can read browser cookies filtered to animepahe/pahe domains, but only via explicit cf-bypass helper paths.
- package.json defines no preinstall/install/postinstall lifecycle hooks; execution is via bin/scripts user commands.
- src/notify.js sends download status/anime titles to Telegram only when telegramChatId is configured and telegramNotify is not false.
- src/config.js stores AniList tokens locally under ~/.config/ani-auto/config.json; src/anilist.js sends them only as Bearer auth to graphql.anilist.co.
- anime/models/playModel.js VM execution is bounded and used to extract m3u8 URLs from scraped player scripts, with no Node globals in the sandbox.
- src/api/cf-bypass.js/cookiereader.py are explicit Cloudflare bypass helpers for animepahe cookies and do not post cookies to an external endpoint.
- src/cli.js update/daemon/editor child_process use is user-invoked CLI functionality, not install-time stealth behavior.
Source & flagged code
6 flagged · loading sourcePackage source executes code through a VM context API.
anime/models/playModel.jsView on unpkg · L50Package source references weak cryptographic algorithms.
anime/utils/diskCache.jsView on unpkg · L6Source appears to send environment or credential material to an external endpoint.
src/notify.jsView on unpkg · L2A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
src/notify.jsView on unpkg · L2Package ships non-JavaScript build or shell helper files.
cookiereader.pyView on unpkg