AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The risky primitives are package-aligned interpreter and shell features requiring user CLI/program action, not install-time or import-time execution.
Decision evidence
public snapshot- package.json has no install/preinstall/postinstall lifecycle hooks
- dist/cli.js only runs when dirac/dish CLI is invoked and reads user-specified config/input files
- dist/chunk-ZRYXVVUV.js system/eval/require_module tags are interpreter features activated by Dirac programs
- dist/chunk-PPH7KYKH.js uses API keys only to initialize configured LLM providers
- dist/agent-ZYONE5JH.js starts/stops a user-invoked local daemon under ~/.dirac
- README.md documents LLM code execution and shell command features as core package behavior
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/agent-ZYONE5JH.jsView on unpkg · L15This package version adds a dangerous source file absent from the previous stored version.
dist/chunk-ZRYXVVUV.jsView on unpkgPackage source references dynamic require/import behavior.
dist/chunk-ZRYXVVUV.jsView on unpkg · L299Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/shell-MGGRRK5F.jsView on unpkg · L20