AI Security Review
scanned 2h ago · by lpm-firewall-aiThe package is an explicitly invoked declarative execution runtime. User-supplied scripts can run shell commands, including background processes, and can execute LLM-generated runtime code.
Decision evidence
public snapshot- `dist/chunk-4TBIVB4X.js` implements `<system>` with `exec` and background `spawn(..., shell:true)`.
- `dist/chunk-4TBIVB4X.js` supports LLM-generated code execution (`<llm execute="true">`).
- `dist/agent-MJSTQERB.js` explicitly starts a detached persistent local agent under `~/.dirac`.
- `README.md` documents shell commands and generated-code execution as intended features.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- CLI/agent execution requires explicit `dirac` commands or interpreted user scripts.
- LLM keys are used to configure selected LLM clients; no source path harvests or sends unrelated files/credentials.
- Observed network code targets configured LLM providers or local defaults, not a hard-coded collector.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/shell-CY5XIPQC.jsView on unpkg · L981Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/shell-CY5XIPQC.jsView on unpkg · L20This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-4TBIVB4X.jsView on unpkgPackage source references dynamic require/import behavior.
dist/chunk-4TBIVB4X.jsView on unpkg · L299