AI Security Review
scanned 13h ago · by lpm-firewall-aiNo confirmed malicious install-time attack surface was established, but the package is a high-capability local AI/remote bridge. Runtime use exposes shell, file, browser, MCP, Codex, and remote-agent control surfaces guarded mainly by local tokens and pairing tokens.
Decision evidence
public snapshot- launch-bridge.cjs starts server.js on user CLI invocation and opens localhost app.
- server.js exposes token-protected file write/delete, shell, MCP, browser, remote-control, and Codex endpoints.
- remote-hub.js defaults RemoteHub bind host to 0.0.0.0 and warns it is externally reachable.
- codex-runtime.js can create ~/.mindexec/codex-runtime, copy ~/.codex/auth.json, and run Codex SDK/CLI on API request.
- package.json postinstall only runs scripts/setup-tree-sitter-grammars.mjs to copy packaged tree-sitter WASM files into tree-sitter-grammars.
- server.js LocalBridge HTTP server binds to 127.0.0.1 and protects mutating/high-risk routes with a random bridge token by default.
- No install-time writes to foreign AI-agent control surfaces such as .mcp.json, CLAUDE.md, or .claude were found.
- Dangerous shell/file/Codex behavior is documented local-bridge functionality and is not import-time or install-time execution.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution with blocking evidence.
server.jsView on unpkg · L18A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
server.jsView on unpkgPackage source references dynamic code evaluation.
wwwroot/assets/MindCanvas-BnU563C9.jsView on unpkg · L813Package source references dynamic require/import behavior.
wwwroot/assets/supabaseAuthAdapter-D57zJK6k.jsView on unpkg · L43Source launches a detached bundled service that exposes a broad-bound HTTP listener.
scripts/remote-fast-mdm-browser-smoke.mjsView on unpkg · L3Package ships native binary artifacts.
remote-fast/osx-x64/mindexec-remote-fastView on unpkgPackage ships WebAssembly modules.
tree-sitter-grammars/tree-sitter-go.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
start-bridge.batView on unpkg