AI Security Review
scanned 2h ago · by lpm-firewall-aiUser-invoked local AI bridge with powerful remote, shell, filesystem, browser, and Codex capabilities. The externally bound RemoteHub is a dangerous dual-use surface, but source inspection did not show covert malware or install-time hijacking.
Decision evidence
public snapshot- package.json runs postinstall: npm run setup:grammars
- remote-hub.js starts a TCP/WebSocket RemoteHub on 0.0.0.0:5199 by default with pairing token auth
- server.js exposes token-protected file write/delete, shell, browser, Codex, and remote APIs on 127.0.0.1
- codex-runtime.js can copy ~/.codex/auth.json into an isolated MindExec Codex home and spawn codex
- postinstall only copies missing tree-sitter wasm grammars into tree-sitter-grammars/
- No install-time foreign AI-agent config mutation found
- No credential exfiltration or remote payload download/execute chain found
- Local bridge requires explicit mindexec/mind-bridge start and protects dangerous routes with X-Bridge-Token
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution with blocking evidence.
server.jsView on unpkg · L18A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
server.jsView on unpkgPackage source references dynamic code evaluation.
wwwroot/assets/canvas-ai-task-core-O-vAY_i5.jsView on unpkg · L1221Package source references dynamic require/import behavior.
wwwroot/assets/supabaseAuthAdapter-By7glRIM.jsView on unpkg · L43Source launches a detached bundled service that exposes a broad-bound HTTP listener.
scripts/remote-fast-mdm-browser-smoke.mjsView on unpkg · L3Package ships native binary artifacts.
remote-fast/osx-x64/mindexec-remote-fastView on unpkgPackage ships WebAssembly modules.
tree-sitter-grammars/tree-sitter-go.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
start-bridge.batView on unpkg