AI Security Review
scanned 1h ago · by lpm-firewall-aiNo malicious package-controlled attack surface was confirmed. The user-invoked CLI starts a local configured web UI for an AI coding agent, with optional user-configured file and bash capabilities.
Decision evidence
public snapshot- package.json has no npm lifecycle install hooks; only build/prepack scripts.
- dist/pi-outpost.mjs requires an explicit configuration file before startup.
- CLI defaults its HTTP server to 127.0.0.1 and requires a token for non-loopback exposure.
- WebSocket and file routes validate origin/token and confine file paths to configured browser roots.
- Git subprocess use is fixed to git commands; no hidden shell payload was found.
- Flagged dist/web/assets/chunk-KEIR6QF5-BfrZ3jm6.js contains zero bidi/invisible control characters.
Source & flagged code
4 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/web/assets/chunk-KEIR6QF5-BfrZ3jm6.jsView on unpkg · L46Package ships high-entropy non-source blobs.
dist/web/assets/KaTeX_Script-Regular-D3wIWfF6.woff2View on unpkgPackage contains source files above the static scanner size ceiling.
dist/pi-outpost.mjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/pi-outpost.mjsView on unpkg