AI Security Review
scanned 13h ago · by lpm-firewall-ai
No confirmed malicious install or import-time attack surface. The package is a user-invoked localhost AI bridge with powerful but package-aligned shell, Codex, MCP, and remote-device capabilities guarded by a generated bridge token.
Decision evidence
public snapshot
- server.js exposes token-gated local shell and Codex execution APIs when the user starts the bridge
- codex-runtime.js can create ~/.mindexec/codex-runtime and run Codex with caller-selected sandbox options
- server.js includes a token-gated /api/mcp/call proxy to caller-supplied HTTP(S) MCP URLs
- package.json postinstall only runs scripts/setup-tree-sitter-grammars.mjs
- scripts/setup-tree-sitter-grammars.mjs only ensures tree-sitter-grammars/ and copies missing wasm files from dependency locations
- launch-bridge.cjs starts server.js only from explicit CLI/start and binds app to local bridge URLs
- server.js protects /api/shell, /api/codex, /api/mcp, and remote APIs with X-Bridge-Token by default
- server.js listens on 127.0.0.1, not 0.0.0.0
- No install-time writes to foreign AI-agent control surfaces, shell startup, VCS hooks, or autostart files found
Source & flagged code
12 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- A single source file combines environment access, network access, and code or shell execution with blocking evidence. (server.js, line 18)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior. (server.js)
- Package source references dynamic code evaluation. (wwwroot/assets/MindCanvas-DKPG_6ka.js, line 813)
- Package source references dynamic require/import behavior. (wwwroot/assets/supabaseAuthAdapter-D57zJK6k.js, line 43)
- Source launches a detached bundled service that exposes a broad-bound HTTP listener. (scripts/remote-fast-mdm-browser-smoke.mjs, line 3)
- Package ships native binary artifacts. (remote-fast/osx-x64/mindexec-remote-fast)
- Package ships WebAssembly modules. (tree-sitter-grammars/tree-sitter-go.wasm)
- Package ships non-JavaScript build or shell helper files. (start-bridge.bat)