AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Loading the OpenCode plugin may start its first-party Gateway through an already-installed PM2. Explicit `supertask install` additionally provisions PM2 persistence and a user LaunchAgent.
Decision evidence
public snapshot- `dist/plugin/supertask.js` calls `ensureGateway()` during plugin config initialization.
- `dist/cli/index.js` starts a persistent `supertask-gateway` PM2 process and saves PM2 state.
- `dist/cli/index.js` can install PM2 globally, create a macOS LaunchAgent, and invoke OpenCode plugin upgrades via explicit CLI commands.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- No credential harvesting, authorization headers, remote payload fetches, eval/vm usage, or external exfiltration endpoint was found.
- Observed fetch use is limited to the package's local dashboard health URL and bundled web API routes.
Source & flagged code
8 flagged · loading sourcePackage source references child process execution.
dist/web/index.jsView on unpkg · L16291Source writes installer persistence such as shell profile or service configuration.
dist/web/index.jsView on unpkg · L724Source appears to send environment or credential material to an external endpoint.
dist/cli/index.jsView on unpkg · L48A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli/index.jsView on unpkg · L48Package source invokes a package manager install command at runtime.
dist/cli/index.jsView on unpkg · L21147Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/plugin/supertask.jsView on unpkg · L724This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/daemon/pm2-supervisor.jsView on unpkg