AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. Network behavior is package-aligned WhatsApp, LLM, and explicitly configured connector functionality, activated only at runtime or by owner commands.
Decision evidence
public snapshot- `dist/gateway/server.js` starts a WhatsApp gateway when its documented runtime entrypoint is executed.
- `dist/cli/index.js` can spawn only `process.execPath` with the package's gateway scripts.
- `dist/llm/ocr-registry.js` builds configurable provider endpoints from local settings/env.
- `dist/connectors/runner.js` can perform configured connector requests at runtime.
- `package.json` has no preinstall/install/postinstall lifecycle hooks.
- No `eval`, `Function`, shell execution, arbitrary require, or remote-code loader was found in shipped JS.
- CLI writes are explicit commands for cwd-local config, `.env`, auth, and data files.
- `dist/conversation/connector-command-controller.js` limits connector execution to owner self-chat with an explicit `confirm`.
- `dist/connectors/url-guard.js` requires HTTPS allowlisted public DNS hosts; `dist/connectors/executor.js` blocks redirects.
- No source evidence of credential harvesting, exfiltration, AI-agent config mutation, or destructive foreign-path writes was found.
Source & flagged code
4 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/llm/ocr-registry.jsView on unpkg · L99Package source references weak cryptographic algorithms.
dist/message-dedupe/engine.jsView on unpkg · L178Tarball package.json differs from the npm registry version manifest for scripts or dependency sets.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli/index.jsView on unpkg