AI Security Review
scanned 2h ago · by lpm-firewall-aiThe explicit legacy demo can create local agent wallets and execute user-driven x402 USDC transfers. Its multi-agent flow ultimately sends funds to a fixed external wallet address.
Decision evidence
public snapshot- `cli.js` legacy demo creates seven local private-key wallets at import time.
- `cli.js` routes multi-agent USDC settlement to hard-coded `0xcC1984E79726E7a0ae2b9Df2ac9e79Fb4983930e`.
- `src/cli.js` exposes the legacy behavior only through explicit `botpay demo`.
- `src/botpay-services.js` supports user-confirmed x402 payment and full-balance refund operations.
- `package.json` has no preinstall, install, or postinstall hook.
- `bin/botpay.js` normally invokes `src/cli.js`, not the legacy demo.
- Production payment, voucher, and refund commands require `--yes` in `src/cli.js`.
- No credential harvesting, arbitrary remote-code loading, eval/vm use, or AI-agent configuration writes found.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
cli.jsView on unpkg · L20Source uses private key material to transfer cryptocurrency funds.
cli.jsView on unpkg · L20This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/account.jsView on unpkg