AI Security Review
scanned 48m ago · by lpm-firewall-aiWhen the explicitly configured OpenCode plugin starts, it requests sponsor content and records impression URLs. A server-controlled HTTP(S) `viewUrl` receives the plugin's Bearer token, creating a concrete credential-forwarding risk if the API or its response path is compromised.
Decision evidence
public snapshot- `tui.js` auto-fetches sponsor data when the OpenCode TUI plugin initializes.
- `tui.js` persists an install UUID at `~/.config/entracte/install-id-opencode`.
- `tui.js` accepts server-supplied `viewUrl` values limited only to HTTP(S).
- `tui.js` fetches each new `viewUrl` with the stored Bearer machine token.
- `tui.js` stores OAuth device-flow credentials in `~/.config/entracte/credentials.json`.
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- The only executable entrypoint is `tui.js`, an explicit OpenCode plugin loaded after user configuration.
- No eval, dynamic module loading, shell command construction, binary loading, or code/prompt harvesting is present.
- `spawn` only invokes the platform URL opener for device verification and ad click URLs.
- Package-owned files are confined to `~/.config/entracte` plus a debug log at `/tmp/entracte-oc-debug.log`.
Source & flagged code
3 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
tui.jsView on unpkg · L7Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
tui.jsView on unpkg · L7