AI Security Review
scanned 6h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a browser automation library with runtime driver download, daemon/MCP browser control, and explicit user-command agent guide setup.
Decision evidence
public snapshot- dist/lib/driverManager.js downloads chromedriver/geckodriver binaries at runtime when no local driver is found
- dist/cli/init.js can write AI-agent instruction files such as AGENTS.md, CLAUDE.md, GEMINI.md on explicit init command
- dist/cli/mcp/tools.js exposes browser_advanced_eval for caller-supplied page JavaScript via MCP
- package.json has no install/preinstall/postinstall hook; only prepublishOnly build/lint
- bin/craftdriver.mjs only imports dist/cli/index.js when the CLI is invoked
- dist/lib/driverManager.js network use is package-aligned driver resolution from Chrome for Testing and Mozilla GitHub releases
- dist/lib/driverManager.js extraction uses spawnSync with fixed argv arrays, not shell string execution
- dist/cli/init.js writes bounded first-party guidance files only on explicit craftdriver init and respects --dry-run/--force
- No credential harvesting or exfiltration logic found in inspected source
Source & flagged code
7 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli/index.jsView on unpkg · L12This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/lib/driverManager.jsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/lib/driverManager.jsView on unpkg · L25Package source references a known benign dynamic code generation pattern.
dist/lib/clock.jsView on unpkg · L116Package source references dynamic require/import behavior.
bin/craftdriver.mjsView on unpkg · L23