AI Security Review
scanned 11h ago · by lpm-firewall-ai

No confirmed malicious install-time or import-time attack surface was found. The package is a powerful local AI bridge with user-invoked filesystem, shell, Codex, browser, and remote-agent capabilities, all guarded by locally held tokens.
Decision evidence
public snapshot
- Runtime local bridge exposes token-protected file write/delete and shell execution APIs in server.js
- Runtime Codex integration creates an isolated CODEX_HOME under ~/.mindexec/codex-runtime and copies the user's ~/.codex/auth.json (Codex credentials) into it, in codex-runtime.js
- Remote hub can listen on 0.0.0.0:5199, guarded by a pair token, and manage remote agents
- Package ships native remote-fast binaries and tree-sitter WASM modules
- postinstall only runs scripts/setup-tree-sitter-grammars.mjs to copy missing tree-sitter WASM files into the package's tree-sitter-grammars/
- launch-bridge.cjs is a user-invoked CLI/bin that starts server.js; no install-time server launch
- Protected bridge routes require an X-Bridge-Token header or a bearer token by default
- No lifecycle code writes foreign AI control files, shell startup files, or VCS hooks
- Network endpoints are product-aligned local bridge/remote/model/search APIs
Source & flagged code
12 flagged (source viewed on unpkg)
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- A single source file combines environment access, network access, and code or shell execution with blocking evidence. (server.js, line 18)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior. (server.js)
- Package source references dynamic code evaluation. (wwwroot/assets/MindCanvas-6ZmtXvGc.js, line 817)
- Package source references dynamic require/import behavior. (wwwroot/assets/supabaseAuthAdapter-D57zJK6k.js, line 43)
- Source launches a detached bundled service that exposes a broad-bound HTTP listener. (scripts/remote-fast-mdm-browser-smoke.mjs, line 3)
- Package ships native binary artifacts. (remote-fast/osx-x64/mindexec-remote-fast)
- Package ships WebAssembly modules. (tree-sitter-grammars/tree-sitter-go.wasm)
- Package ships non-JavaScript build or shell helper files. (start-bridge.bat)