AI Security Review
scanned 17h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The risky primitives are local-bridge features activated by the user at runtime and guarded by token/path checks, not install-time abuse.
Decision evidence
public snapshot- Runtime exposes shell/file/Codex APIs in server.js when the user starts the local bridge.
- codex-runtime.js can copy ~/.codex/auth.json into an isolated ~/.mindexec runtime and spawn codex for user-submitted jobs.
- Package ships native remote-fast binaries and tree-sitter WASM grammars.
- package.json postinstall only runs scripts/setup-tree-sitter-grammars.mjs to ensure packaged tree-sitter WASM files exist.
- launch-bridge.cjs only starts server.js locally, selects workspace, reaps prior MindExec port owner, and optionally opens localhost UI.
- server.js protects shell/file/Codex/remote/company-core routes with a random or user-supplied bridge token.
- server.js validatePath confines write/delete/list APIs to workspacePath.
- External fetches are product-aligned: model catalogs, YouTube/search tools, Supabase auth, CompanyCore proxy, and opt-in embeddings.
- No install-time credential harvesting, exfiltration, persistence, destructive behavior, or reviewer/prompt manipulation found.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution with blocking evidence.
server.jsView on unpkg · L18A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
server.jsView on unpkgPackage source references dynamic code evaluation.
wwwroot/assets/MindCanvas-Bt5BmsT4.jsView on unpkg · L644Package source references dynamic require/import behavior.
wwwroot/assets/supabaseAuthAdapter-D57zJK6k.jsView on unpkg · L43Source launches a detached bundled service that exposes a broad-bound HTTP listener.
scripts/remote-fast-mdm-browser-smoke.mjsView on unpkg · L3Package ships native binary artifacts.
remote-fast/osx-x64/mindexec-remote-fastView on unpkgPackage ships WebAssembly modules.
tree-sitter-grammars/tree-sitter-go.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
start-bridge.batView on unpkg