AI Security Review
scanned 55m ago · by lpm-firewall-aiA signed-in user running the CLI accepts automation definitions from the package service. Those definitions can execute arbitrary shell commands locally before commit generation.
Static reason
One or more suspicious static signals were detected.
Trigger
Run the default `gite` command or `gite compose` in a Git repository.
Impact
A compromised service response or account-controlled automation can run arbitrary commands with the invoking user's permissions.
Mechanism
Remote API-supplied command execution through `child_process.exec`.
Rationale
No install-time behavior or direct credential exfiltration was found, but the server-driven automation runner is an unresolved high-impact capability. Treat as warn rather than block because execution requires explicit CLI use and source supports a product-aligned automation feature.
Evidence
package.jsondist/index.js~/.config/giteai/config.json.giteai
Network endpoints1
giteai2.vercel.app/api/gt
Decision evidence
public snapshotAI called this Suspicious at 90.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `dist/index.js` fetches server-provided `automations` from `user/trait`.
- `dist/index.js` passes each automation `command` to `child_process.exec` without a local allowlist or confirmation.
- Automations run during normal `gite` and `compose` commands before commit generation.
Evidence against
- `package.json` defines no npm lifecycle hooks.
- Network use is limited to the package service endpoint `https://giteai2.vercel.app/api/gt` for its advertised AI commit workflow.
- Observed file writes are an explicit login key store and a repository `.giteai` identifier.
- The scanner's `child_process` dependency signal alone is not evidence of a dependency-squat execution chain.
Behavioral surface
Filesystem
MinifiedTrivialUrlStrings
Source & flagged code
1 flagged · loading sourcepackage.jsonView file
•Runtime dependency names matching Node built-ins: child_process
High
Node Builtin Dependency Squat
Package declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkgFindings
1 High3 Low
HighNode Builtin Dependency Squatpackage.json
LowScripts Present
LowFilesystem
LowUrl Strings