AI Security Review
scanned 1h ago · by lpm-firewall-aiNo confirmed malicious attack surface found by source inspection. Risky primitives are part of the advertised AI agent CLI/server functionality and are activated by user commands or environment configuration, not install-time execution.
Decision evidence
public snapshot- package.json has no preinstall/install/postinstall lifecycle hooks.
- bin/jeeves.js only dispatches explicit CLI commands via local source imports.
- src/app.ts spawns Playwright MCP only when JEEVES_MCP_BROWSER=true at runtime.
- src/cli/server.mjs starts local Flue dev server via user-invoked chat/serve flow.
- src/tools/web.ts sends user search/extract requests only to Tavily API.
- Writes are limited to package-owned config/session/schedule/memory files under .jeeves or local .env.
Source & flagged code
6 flagged · loading sourcePackage source invokes a package manager install command at runtime.
src/app.tsView on unpkg · L20Source writes installer persistence such as shell profile or service configuration.
src/cli/schedules.mjsView on unpkg · L13This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/cli/server.mjsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
src/cli/server.mjsView on unpkg · L76