AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. The package has install-time filesystem writes, but they are scoped to OpenCLI shell completion/setup and adapter metadata for global installs.
Decision evidence
public snapshot- package.json defines postinstall and preuninstall lifecycle hooks.
- scripts/postinstall.js writes shell completion files and ~/.opencli/spotify.env template on global install.
- scripts/fetch-adapters.js can delete stale ~/.opencli/clis overrides and writes ~/.opencli/adapter-manifest.json on global/explicit install.
- postinstall skips non-global installs and CI, writes package-aligned completions/templates, and does not alter shell rc files.
- scripts/fetch-adapters.js states no network calls and only hashes bundled clis/ to clean OpenCLI override files.
- package.json main/bin are OpenCLI CLI entrypoints; preuninstall only POSTs to localhost 127.0.0.1:19825/shutdown.
- dist/src/external.js child_process usage is for checking/install commands for external CLIs, gated by user-invoked CLI behavior.
- dist/src/browser/article-extract.js builds in-page Readability extraction code from dependency files; no exfiltration found.
Source & flagged code
9 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source references child process execution.
dist/src/external.jsView on unpkg · L1Package source references a known benign dynamic code generation pattern.
dist/src/browser/article-extract.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/src/discovery.jsView on unpkg · L1Package source references weak cryptographic algorithms.
clis/flomo/memos.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
scripts/postinstall.jsView on unpkg · L7Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/src/launcher.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
scripts/check-doc-coverage.shView on unpkg