AI Security Review
scanned 12d ago · by lpm-firewall-aiNo confirmed malicious attack surface by source inspection. The package is a broad AI-agent CLI/extension with powerful user-invoked setup, update, docs, and onboarding actions, but reviewed risky behavior is aligned with that purpose.
Decision evidence
public snapshot- User-invoked CLI can run shell/package-manager commands: scripts/cli.ts, installer/tools.ts, installer/init-module.ts.
- autodev init can write project AGENTS.md/CONTEXT.md and .autodev files from bundled templates.
- AGENTS.md contains AI-agent operating instructions, but is bundled documentation/config for this agent framework.
- package.json has no install/preinstall/postinstall lifecycle hooks; bin is explicit autodev CLI.
- Credential prompts store keys locally in agent .env/auth references; validation calls provider APIs, no off-domain exfil flow found.
- Network endpoints are package-aligned: npm registry, GitHub/gh, LLM/Voyage/Discord validation, docs seeding from configured sources.
- Homebrew curl|bash and package installs occur only via installer/doctor/update/tool commands, not import-time or install-time.
- Debug test secret is synthetic and logger redacts secrets before writing.
- AI-agent control files are written only on user-invoked init/install/onboard, not silently during package install/import.
Source & flagged code
11 flagged · loading sourcePackage contains a critical-looking secret pattern.
extensions/autodev/debug/__tests__/debug.test.tsView on unpkg · L247GitHub personal access token in extensions/autodev/debug/__tests__/debug.test.ts
extensions/autodev/debug/__tests__/debug.test.tsView on unpkg · L247Google API key in extensions/autodev/debug/__tests__/debug.test.ts
extensions/autodev/debug/__tests__/debug.test.tsView on unpkg · L246Package source references child process execution.
extensions/autodev/background/manager.tsView on unpkg · L150Package source references shell execution.
extensions/autodev/docs/seeding.tsView on unpkg · L194Package source invokes a package manager install command at runtime.
extensions/autodev/installer/uninstall-module.tsView on unpkg · L181Source writes installer persistence such as shell profile or service configuration.
extensions/autodev/installer/uninstall-module.tsView on unpkg · L23Source combines credential-like environment material and outbound requests; review data flow before blocking.
extensions/autodev/embeddings.tsView on unpkg · L37Source downloads or fetches remote code and executes it.
extensions/autodev/installer/tools.tsView on unpkg · L1This package version adds a dangerous source file absent from the previous stored version.
extensions/autodev/installer/config-module.tsView on unpkg