AI Security Review
scanned 11d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established by source inspection. The package is a CLI/extension for an AI development agent and contains powerful user-invoked setup, update, docs, and integration commands.
Decision evidence
public snapshot- scripts/cli.ts has user-invoked update path running npm view/bun install and rm -rf on Bun cache.
- extensions/autodev/installer/tools.ts can install Homebrew/GitHub CLI/Node via curl/apt commands during setup.
- extensions/autodev/installer/init-module.ts writes project .autodev files, .github templates, AGENTS.md/CONTEXT.md on autodev init.
- extensions/autodev/embeddings.ts sends document/query text to VoyageAI only when VOYAGE_API_KEY is configured.
- package.json has no install/preinstall/postinstall lifecycle hooks; bin is explicit autodev CLI only.
- Risky exec/fetch/write behavior is tied to documented subcommands: doctor/config/init/update/docs/uninstall.
- Credential handling in config-module.ts writes keys locally to agent .env/auth config and validates them against provider APIs; no unrelated exfiltration found.
- debug test secret strings are test fixtures for redaction, not live credentials.
- Discord/GitHub/Voyage/OpenAI/Anthropic endpoints are package-aligned integrations for an autonomous dev tool.
- No import-time destructive behavior, persistence, native binary loading, or hidden payload carrier found.
Source & flagged code
11 flagged · loading sourcePackage contains a critical-looking secret pattern.
extensions/autodev/debug/__tests__/debug.test.tsView on unpkg · L247GitHub personal access token in extensions/autodev/debug/__tests__/debug.test.ts
extensions/autodev/debug/__tests__/debug.test.tsView on unpkg · L247Google API key in extensions/autodev/debug/__tests__/debug.test.ts
extensions/autodev/debug/__tests__/debug.test.tsView on unpkg · L246Package source references child process execution.
extensions/autodev/background/manager.tsView on unpkg · L150Package source references shell execution.
extensions/autodev/docs/seeding.tsView on unpkg · L194Package source invokes a package manager install command at runtime.
extensions/autodev/installer/uninstall-module.tsView on unpkg · L181Source writes installer persistence such as shell profile or service configuration.
extensions/autodev/installer/uninstall-module.tsView on unpkg · L23Source combines credential-like environment material and outbound requests; review data flow before blocking.
extensions/autodev/embeddings.tsView on unpkg · L37Source downloads or fetches remote code and executes it.
extensions/autodev/installer/tools.tsView on unpkg · L1This package version adds a dangerous source file absent from the previous stored version.
scripts/cli.tsView on unpkg