AI Security Review
scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious install-time attack surface is established. The package is a local AI bridge with high-risk user-invoked capabilities guarded by bridge tokens and local runtime setup.
Decision evidence
public snapshot
- Runtime includes Codex integration that creates ~/.mindexec/codex-runtime and copies ~/.codex/auth.json when the user invokes AI features.
- server.js exposes authenticated local bridge APIs for project file writes/removes and shell/Codex/remote-agent operations.
- Network code contacts OpenAI/OpenRouter/Supabase/YouTube/search endpoints during user-facing features.
- package.json postinstall only runs scripts/setup-tree-sitter-grammars.mjs; it copies fixed tree-sitter WASM files into package tree-sitter-grammars.
- No install-time mutation of foreign AI-agent config found; Codex config/auth copying occurs in runtime helper codex-runtime.js, not postinstall.
- launch-bridge.cjs starts local server.js for explicit CLI/bin use and opens localhost app; no hidden download or exfiltration path found in inspected entrypoints.
Source & flagged code
12 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- A single source file combines environment access, network access, and code or shell execution with blocking evidence. (server.js, line 18)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior. (server.js)
- Package source references dynamic code evaluation. (wwwroot/assets/canvas-ai-task-core-ekSGbHyt.js, line 1221)
- Package source references dynamic require/import behavior. (wwwroot/assets/supabaseAuthAdapter-By7glRIM.js, line 43)
- Source launches a detached bundled service that exposes a broad-bound HTTP listener. (scripts/remote-fast-mdm-browser-smoke.mjs, line 3)
- Package ships native binary artifacts. (remote-fast/osx-x64/mindexec-remote-fast)
- Package ships WebAssembly modules. (tree-sitter-grammars/tree-sitter-go.wasm)
- Package ships non-JavaScript build or shell helper files. (start-bridge.bat)