AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is an AI orchestration developer tool with powerful user-invoked project setup, local dashboard, hooks, Docker, git, and secret-management features.
Decision evidence
public snapshot- bin/jonggrang.js user-invoked init writes AGENTS.md, CLAUDE.md, .claude/.opencode/.jonggrang scaffolding and hooks
- lib/hooks.js installs Claude/OpenCode/Pi hooks into the target project when init is run
- server.js exposes a local dashboard/API and can be configured to manage secrets, SSH keys, Docker, and agent runs
- package.json has no npm preinstall/install/postinstall lifecycle hooks
- bin/jonggrang.js is a declared CLI entrypoint; package-manager installs occur only in user-invoked web/client setup paths
- Agent hook writes are package-aligned project scaffolding, not lifecycle-triggered foreign control-surface mutation
- hooks/opencode/plugin.js blocks or sanitizes sensitive file/secret access rather than harvesting it
- apis/secrets/index.js stores user-supplied secrets in local webState; no exfiltration endpoint found
- client/dist SettingsView secret hit is UI placeholder text for private keys/tokens, not an embedded secret
Source & flagged code
14 flagged · loading sourcePackage contains a critical-looking secret pattern.
client/dist/assets/SettingsView-Cb0DZfeW.jsView on unpkg · L164OpenSSH private key in client/dist/assets/SettingsView-Cb0DZfeW.js
client/dist/assets/SettingsView-Cb0DZfeW.jsView on unpkg · L164Package source references child process execution.
apis/projects/orchestration-run.jsView on unpkg · L16Package source references dynamic require/import behavior.
apis/secrets/index.jsView on unpkg · L2Package source references weak cryptographic algorithms.
lib/bot-reviewer/index.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
hooks/pi/jonggrang-extension.tsView on unpkg · L17This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/jonggrang.jsView on unpkgSource launches a detached bundled service that exposes a broad-bound HTTP listener.
bin/jonggrang.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
bin/jonggrang.jsView on unpkg · L2658Package ships non-JavaScript build or shell helper files.
hooks/claude/secret-final-check.shView on unpkgPackage ships high-entropy non-source blobs.
client/dist/assets/primeicons-C6QP2o4f.woff2View on unpkgHardcoded password in skills/library/testing/unit-testing-patterns/SKILL.md
skills/library/testing/unit-testing-patterns/SKILL.mdView on unpkg · L17OpenSSH private key in client/dist/assets/ProjectSettingsView-DT4KtWe6.js
client/dist/assets/ProjectSettingsView-DT4KtWe6.jsView on unpkg · L1