AI Security Review
scanned 14h ago · by lpm-firewall-aiNo confirmed malicious install-time or import-time attack surface was found. The package is a local AI bridge with powerful user-invoked runtime APIs, but they are token-protected and package-aligned.
Decision evidence
public snapshot- Runtime bridge exposes token-protected file write/delete/shell/Codex/browser APIs in server.js.
- codex-runtime.js can create ~/.mindexec/codex-runtime and invoke Codex, but only from runtime API use, not install.
- launch-bridge.cjs may kill existing MindExec bridge listeners on the chosen port before starting.
- package.json postinstall only runs setup-tree-sitter-grammars.mjs, which copies missing tree-sitter WASM files into the package tree.
- No lifecycle hook writes .mcp.json, CLAUDE.md, Codex/Cursor config, shell startup files, VCS hooks, or autostart entries.
- Dangerous shell/file/Codex/browser capabilities are behind local bridge runtime and protected routes require X-Bridge-Token by default.
- Network endpoints observed are package-aligned local bridge/company core, MindExec pages, YouTube API, OpenAI-compatible embeddings, and Supabase/auth flows.
- No evidence of credential harvesting or exfiltration during install/import.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution with blocking evidence.
server.jsView on unpkg · L18A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
server.jsView on unpkgPackage source references dynamic code evaluation.
wwwroot/assets/MindCanvas-i94ftf0p.jsView on unpkg · L813Package source references dynamic require/import behavior.
wwwroot/assets/supabaseAuthAdapter-D57zJK6k.jsView on unpkg · L43Source launches a detached bundled service that exposes a broad-bound HTTP listener.
scripts/remote-fast-mdm-browser-smoke.mjsView on unpkg · L3Package ships native binary artifacts.
remote-fast/osx-x64/mindexec-remote-fastView on unpkgPackage ships WebAssembly modules.
tree-sitter-grammars/tree-sitter-go.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
start-bridge.batView on unpkg