AI Security Review
scanned 2h ago · by lpm-firewall-aiAn explicit `margins open` command fetches a current private runtime package and executes its launcher. The reviewed package delegates executable behavior to code not present in this archive.
Decision evidence
public snapshot- `dist/runtime-C34gpFId.mjs` resolves `GITHUB_TOKEN` or `gh auth token`.
- `dist/runtime-C34gpFId.mjs` queries and installs unpinned latest `@alvistar/margins-light` from `npm.pkg.github.com`.
- `dist/open-DRI1TeIo.mjs` spawns the downloaded runtime's `scripts/launcher.mjs`.
- The runtime package is cached under `~/.margins/runtime/<version>/`.
- `package.json` has only `prepublishOnly`; no preinstall/install/postinstall hook.
- The downloader is reached through the explicit `margins open` command.
- Child-process calls use `execFile` argument arrays rather than shell interpolation.
- The temporary authenticated `.npmrc` is mode 0600 and removed in `finally`.
- No source evidence of unrelated credential exfiltration, destructive behavior, or AI-agent control-surface writes.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
dist/runtime-C34gpFId.mjsView on unpkg · L2This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/config-DVO9hXat.mjsView on unpkgPackage source references dynamic require/import behavior.
dist/config-DVO9hXat.mjsView on unpkg · L3066Package source references a known benign dynamic code generation pattern.
dist/config-DVO9hXat.mjsView on unpkg · L3105Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.mjsView on unpkg · L15