AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The explicit CLI can inspect accessible local AI credential files and print tokens locally, while library OAuth refresh may update the originating credential file.
Decision evidence
public snapshot- `dist/cli.js` exposes `detect --all-users`, which reads accessible users' Claude/Grok credential files.
- `dist/cli.js` renders detected access tokens to stdout as `.env` assignments.
- `dist/index.js` can write refreshed OAuth credentials back to the same local credential file.
- `package.json` has no preinstall/install/postinstall hook; `prepublishOnly` is publisher-side.
- Credential scanning runs only through explicit `cardan detect` commands or exported API calls.
- `dist/detect-DpOH7FaI.js` uses local filesystem reads only; no network API is present.
- `dist/index.js` OAuth write-back is tied to configured token refresh and the matched source file.
- Network calls in `dist/index.js` target configured LLM-provider APIs, not a package-controlled collector.
- No child process, shell execution, eval, payload download, or stealth persistence was found.
Source & flagged code
3 flagged · loading source`dist/cli.js` exposes `detect --all-users`, which reads accessible users' Claude/Grok credential files.
dist/cli.jsView on unpkg`dist/cli.js` renders detected access tokens to stdout as `.env` assignments.
dist/cli.jsView on unpkg`dist/index.js` can write refreshed OAuth credentials back to the same local credential file.
dist/index.jsView on unpkg