AI Security Review
scanned 2d ago · by lpm-firewall-aiConfirmed install-time global dependency installation creates unresolved supply-chain and global environment mutation risk, but no concrete malicious payload was found in inspected source. The binary CLI and shell tooling are user-invoked surfaces for an AI terminal tool.
Decision evidence
public snapshot- package.json postinstall runs script/postinstall.mjs on install.
- script/postinstall.mjs executes `npm install -g @nut-tree-fork/nut-js` and `npm install -g playwright` without user opt-in.
- Postinstall uses child_process execSync to mutate the global npm environment and fetch code at install time.
- No inspected lifecycle code writes AI-agent config, shell startup, VCS hooks, or OS autostart files.
- script/octo-shim.mjs only dispatches CLI arguments to a packaged binary when invoked.
- The added shell helper source is CLI/runtime process management, not install-time persistence or exfiltration.
- No credential harvesting or package-specific exfiltration endpoint was confirmed in inspected files.
Source & flagged code
15 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source references child process execution.
script/octo-shim.mjsView on unpkg · L2Package source references dynamic require/import behavior.
script/time.tsView on unpkg · L4Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
src/lsp/server.tsView on unpkg · L1Package source invokes a package manager install command at runtime.
script/postinstall.mjsView on unpkg · L17Package ships WebAssembly modules.
src/cli/tui/tree-sitter-powershell-ryb2ffqs.wasmView on unpkgPackage ships high-entropy non-source blobs.
octocode-ai-3.7.1.tgzView on unpkgPackage ships compressed or archive-like blobs.
octocode-ai-3.7.1.tgzView on unpkgPackage ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.
octocode-ai-3.7.1.tgzView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/tool/shell.tsView on unpkgHardcoded password in test/server/auth.test.ts
test/server/auth.test.tsView on unpkg · L47Hardcoded password in test/server/httpapi-listen.test.ts
test/server/httpapi-listen.test.tsView on unpkg · L19