AI Security Review
scanned 2d ago · by lpm-firewall-aiManual review required because source files were not inspected.
Static reason
No blocking static signals were detected.
Trigger
unknown
Impact
unknown
Mechanism
unknown
Rationale
Unable to access read-only filesystem inspection tools in the required final JSON response context.
Decision evidence
public snapshotAI called this Manual Review at 0.0% confidence as Unknown with high false-positive risk.
Evidence for warning
- Inspection could not be performed in this environment because only final JSON output is available.
Evidence against
Behavioral surface
CryptoDynamicRequireEnvironmentVarsFilesystemNetworkWebSocket
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcebin/privateer.mjsView file
21register(); // resolves the repo's tsx regardless of the invocation cwd
L22: await import(resolve(repo, "src/cli/chat.ts"));
Medium
Dynamic Require
Package source references dynamic require/import behavior.
bin/privateer.mjsView on unpkg · L21Findings
3 Medium4 Low
MediumDynamic Requirebin/privateer.mjs
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings