AI Security Review
scanned 6h ago · by lpm-firewall-aiNo unconsented install-time or import-time attack surface is established. This is an explicitly invoked coding-agent CLI whose project command and file operations are runtime features.
Decision evidence
public snapshot- `src/core/process-run.js` runs subprocesses for the coding-agent workflow.
- `src/core/tools.js` exposes project file and command tools, activated through chat/runtime requests.
- `codemini-web/server.js` starts a local web UI and can auto-open a browser only after `codemini web`.
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle hook.
- `bin/coder.js` only dispatches after the user invokes the CLI.
- Provider requests use configured gateway credentials in `src/core/provider/openai-compatible.js`; no hidden exfiltration endpoint was found.
- Authored JS outside bundled web assets contains no bidi-control characters; the flagged Markdown asset is a third-party minified editor bundle.
- `src/core/agent-loop.js` applies command-policy and approval handling before agent command execution.
Source & flagged code
5 flagged · loading sourcePackage source references dynamic require/import behavior.
codemini-web/dist/assets/vue-vine-Di7Vc_-0.jsView on unpkg · L1Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
codemini-web/dist/assets/MarkdownEditor-kQWDzhOR.jsView on unpkg · L11Package ships compressed or archive-like blobs.
codemini-web/dist/animations/home/general/loader-cat-dark.lottieView on unpkgPackage ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.
codemini-web/dist/animations/home/general/loader-cat-dark.lottieView on unpkgPackage ships high-entropy non-source blobs.
codemini-web/dist/assets/GeistMono-Variable-Dispecij.woff2View on unpkg