AI Security Review
scanned 1d ago · by lpm-firewall-aiThe declared pi/OpenClaw extension performs local context compaction and persists its own state. Optional dashboard and model integrations use loopback-only endpoints; no confirmed external exfiltration or install-time action exists.
Decision evidence
public snapshot- package.json has no preinstall, install, or postinstall hook; prepublishOnly only builds.
- extensions/mega-compact.ts runs execSync only for git repo-root lookup.
- Dashboard spawning occurs only through explicit mega-dashboard commands.
- src/httpEmbedder.ts rejects non-loopback embedding URLs.
- src/dedup/raptor/summarizer.ts permits only localhost/127.0.0.1 Ollama.
- No remote endpoint, credential harvesting, dynamic evaluation, or foreign agent-config mutation found.
Source & flagged code
5 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/extensions/mega-compact.jsView on unpkgPackage source references child process execution.
dist/extensions/mega-compact.jsView on unpkg · L42Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/extensions/mega-compact.jsView on unpkg · L42A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/src/dedup/raptor/summarizer.jsView on unpkg · L13Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/src/dedup/raptor/summarizer.jsView on unpkg · L58