AI Security Review
scanned 5h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The explicit setup CLI authenticates to Crumbtrail, installs its SDK, and edits selected project files to add instrumentation.
Decision evidence
public snapshot- `dist/cli.cjs` invokes package-manager installs and has a cloud tarball fallback after an explicit CLI setup command.
- `dist/cli.cjs` writes `CRUMBTRAIL_KEY` to the selected project's `.env` during user-invoked instrumentation.
- `dist/cli.cjs` can generate an AI setup prompt containing a `curl | sh` instruction, but does not execute it.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `dist/cli.cjs` runs only when invoked as the `crumbtrail` CLI; library exports are side-effect-free.
- Network requests target the configured Crumbtrail API, defaulting to the package-aligned Railway host.
- Auth storage is limited to `~/.config/crumbtrail/auth.json` with mode `0600`; no broad credential harvesting was found.
- No exfiltration of environment variables, shell/eval payload execution, AI-agent config writes, or persistence was found.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/chunk-UFJ2BODB.jsView on unpkg · L2840Source appears to send environment or credential material to an external endpoint.
dist/cli.cjsView on unpkg · L508A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli.cjsView on unpkg · L508A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli.cjsView on unpkg · L7320Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.jsView on unpkg · L14