AI Security Review
scanned 8d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- cli.js creates/loads local private keys at runtime in ~/.botpay/agent-wallets.json.
- cli.js signs transactions/x402 authorizations with BOTPAY_AGENT_PRIVATE_KEY and related env keys.
- cli.js contains hardcoded payout/treasury receivers and sends user/agent funds to them in selected demos.
- cli.js contacts BotPay/voucher/x402 endpoints and public RPC endpoints for payment flows.
- package.json has no install/preinstall/postinstall lifecycle hooks.
- The only declared entrypoint is user-invoked bin cli.js.
- No code found that sends raw private keys or env contents to a remote endpoint.
- Wallet funding and payment flows print recipient/amount prompts and require menu selection or wallet approval.
- Hardcoded network/payment behavior is aligned with a BotPay payment demo package.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
cli.jsView on unpkg · L20Source uses private key material to transfer cryptocurrency funds.
cli.jsView on unpkg · L20A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
cli.jsView on unpkg · L20