AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package has powerful CLI and Codex-integration behavior, but inspected risky paths are user-invoked or package-aligned.
Decision evidence
public snapshot- package.json has postinstall lifecycle importing dist/scripts/postinstall.js
- dist/autoresearch/runtime.js runs git and user-provided evaluator command with shell:true during autoresearch workflow
- dist/mcp/code-intel-server.js can invoke npx/grep/ast-grep when MCP tools are called
- dist/cli/setup.js writes Codex config, hooks, AGENTS.md, and plugin registration during explicit setup
- dist/scripts/postinstall.js only runs for global install and writes install-state metadata, not hooks/config/AGENTS.md
- No credential harvesting or exfiltration found in inspected lifecycle and hot files
- Network endpoints are package-aligned: npm registry update check and repository metadata
- Shell/child_process use is tied to CLI features: git workflows, diagnostics, update, and user-invoked tooling
- AI-agent control-surface writes are setup/CLI actions, not unconsented install-time mutation
Source & flagged code
9 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
dist/autoresearch/runtime.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/cli/hooks.jsView on unpkg · L40Source writes installer persistence such as shell profile or service configuration.
dist/cli/index.jsView on unpkg · L4Package source invokes a package manager install command at runtime.
dist/mcp/code-intel-server.jsView on unpkg · L546Package ships non-JavaScript build or shell helper files.
src/scripts/run-autoresearch-showcase.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
dist/cli/doctor.jsView on unpkg