AI Security Review
scanned 2h ago · by lpm-firewall-aiAn explicit generator command downloads a mutable remote boilerplate archive, extracts it, and runs its dependency install/build. It also registers the generated add-on with the Local application.
Static reason
No blocking static signals were detected.
Trigger
User runs `create-local-addon` without `--disable` or `--do-not-symlink`.
Impact
A compromised or changed boilerplate archive can execute code through `npm install`/`npm run build` in the user-selected add-on directory.
Mechanism
Remote boilerplate fetch followed by extracted-project npm execution and Local add-on registration.
Rationale
No concrete malicious or stealth behavior is present, but the default explicit-user workflow executes code from a mutable remote archive without integrity pinning. Flag as a supply-chain execution risk rather than a publish-block malware finding.
Evidence
package.jsonindex.jsapp/index.jsapp/utils.jsREADME.md<target>/<addon>/package.json<Local config>/addons/<addon><Local config>/enabled-addons.json
Network endpoints1
github.com/getflywheel/local-addon-boilerplate/archive/master.tar.gz
Decision evidence
public snapshotAI called this Suspicious at 88.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
- `app/index.js` fetches an unpinned GitHub `master.tar.gz` archive.
- The fetched archive is extracted, then its directory receives `npm install` and `npm run build`.
- `app/index.js` creates a Local add-on symlink and enables it by changing Local configuration.
- `app/index.js` sends opt-in Insight/Google Analytics events after a permission prompt.
Evidence against
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle hook.
- `index.js` is a declared CLI entrypoint; source actions require explicit invocation.
- No credential/env harvesting, shell strings, eval, dynamic loading, or hidden binaries found.
- Writes are limited to the selected add-on directory and Local's add-on configuration.
Behavioral surface
FilesystemNetwork
UrlStrings
Source & flagged code
3 flagged · loading sourceapp/index.jsView file
•Published source reference
Medium
Ai Review Evidence
`app/index.js` fetches an unpinned GitHub `master.tar.gz` archive.
app/index.jsView on unpkg•Published source reference
Medium
Ai Review Evidence
`app/index.js` creates a Local add-on symlink and enables it by changing Local configuration.
app/index.jsView on unpkg•Published source reference
Medium
Ai Review Evidence
`app/index.js` sends opt-in Insight/Google Analytics events after a permission prompt.
app/index.jsView on unpkgFindings
5 Medium3 Low
MediumNetwork
MediumAi Review Evidenceapp/index.js
MediumAi Review Evidence
MediumAi Review Evidenceapp/index.js
MediumAi Review Evidenceapp/index.js
LowScripts Present
LowFilesystem
LowUrl Strings