AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious behavior, but the CLI has a real command-injection risk from shell-built scanner commands using user-controlled target paths. Network and filesystem writes are mostly package-aligned scanner installation, reports, config, and optional git hooks.
Decision evidence
public snapshot- dist/auditx.js runs shell commands with interpolated target paths in npx/lizard/tsc/license-checker runners
- dist/auditx.js auto-downloads scanner binaries from GitHub into ~/.auditx/bin on user-invoked scans
- dist/auditx.js has user-invoked `auditx install` that runs npm install -g and pip install
- dist/hook-W4INEOTH.js writes git hooks, but only via explicit `auditx hook install` command
- package.json has no install/preinstall/postinstall lifecycle scripts
- Bin entrypoint is a security scanner CLI; child_process/network use aligns with invoking Semgrep, Trivy, Gitleaks, npm audit, and report tools
- No source evidence of credential harvesting or hidden exfiltration; AI provider calls require --ai and user/env API key
- Config writes are limited to ~/.auditx/config.json after interactive AI setup
- Git hook mutation is explicit CLI functionality with marker, backup, and uninstall path
Source & flagged code
5 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version.
dist/auditx.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/auditx.jsView on unpkg · L781