AI Security Review
scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface was found. The risky primitives are user-invoked CLI functions for installing workflow assets, MCP/plugin registration, local dashboard control, and self-update.
Decision evidence
public snapshot
- dist/src/commands/install-backend.js writes Claude/Codex/MCP config during explicit install commands
- dist/src/commands/update.js can run npm install -g, git pull, and rebuild after interactive update confirmation
- dist/src/commands/view.js and dist/src/commands/stop.js spawn local dashboard processes and kill PIDs on requested ports
- package.json has no install/postinstall/prepare hook; prepublishOnly is publisher-side only
- bin/maestro.js only relaunches itself with WASM flags for kg commands before importing CLI
- dist/src/cli.js lazy-loads command modules only for user-invoked subcommands
- Inspected network use is consistent with the package's stated purpose: an npm registry version check and localhost dashboard/impeccable endpoints
- dist/src/graph/kg/db/queries.js is SQLite CRUD/FTS query code, not payload execution
- .agents/skills/team-adversarial-swarm/scripts/test_aco.py is a test harness for local ACO scripts, not a hidden binary payload
Source & flagged code
12 flagged
- Package source references dynamic require/import behavior. (dist/src/migrations/_template.js, line 44)
- Package source references weak cryptographic algorithms. (dist/src/tools/core-memory.js, line 31)
- A single source file combines environment access, network access, and code or shell execution; review context before blocking. (dist/src/commands/view.js, line 181)
- Source combines command execution, command-output handling, and outbound requests; review data flow before blocking. (dist/src/commands/view.js, line 196)
- Package source invokes a package manager install command at runtime. (dist/src/commands/view.js, line 116)
- Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks. (dashboard/dist-server/dashboard/src/server/routes/mcp.js, line 10)
- Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking. (dist/src/tools/impeccable/live/server.js, line 1)
- Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths. (.agents/skills/team-adversarial-swarm/scripts/test_aco.py)
- Package ships non-JavaScript build or shell helper files. (.agents/skills/team-adversarial-swarm/scripts/test_aco.py)
- This package version adds a dangerous source file absent from the previous stored version. (dist/src/graph/kg/db/queries.js)