AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package exposes user-invoked self-update, local code generation, and opt-in AWS/GitHub deployment tooling; no install-time or import-time execution was found.
Decision evidence
public snapshot- `src/rastack-update.ts` invokes npm only for explicit `rastack update` commands.
- `src/rastack-init.ts` writes project deployment config/workflows and invokes AWS only after explicit init flow.
- `src/deploy/io.ts` runs fixed `aws` argv via `execFileSync`, not hidden lifecycle code.
- `src/rastack.ts` dispatches user-supplied CLI subcommands to package scripts.
- `package.json` has no preinstall, install, postinstall, prepare, or publish lifecycle hook.
- `runtime.ts` only re-exports library modules; importing it does not execute CLI/deploy code.
- No source references AI-agent control directories, shell profiles, SSH material, npm credentials, or exfiltration endpoints.
- `provider/wasm.ts` uses dynamic import solely to load the package's generated WASM bundle.
- Network schema retrieval is caller-directed URL input in `src/schema-fetch.ts` and `src/schema/fetch-schema.ts`.
- Deployment endpoints and AWS resources are derived from explicit project configuration.
Source & flagged code
5 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
provider/wasm.tsView on unpkg · L12Package source references dynamic require/import behavior.
dist/rastack-compile.jsView on unpkg · L12Package source invokes a package manager install command at runtime.
src/rastack-update.tsView on unpkg · L14This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/deploy/config.jsView on unpkg