AI Security Review
scanned 14d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is a ROM development MCP/HTTP tool server with explicit user-invoked build, emulator, file-output, and palette-fetch capabilities.
Decision evidence
public snapshot- package.json defines postinstall and CLI/MCP bins.
- src/install/postinstall.mjs runs @kmamal/sdl install.mjs if dist/sdl.node is missing.
- src/mcp/server.js starts a local HTTP/MCP server and re-execs node with --experimental-vm-modules.
- Tool surface can write user-requested outputs/projects and run WASM workers/SDL playtest.
- Postinstall is narrowly scoped to optional @kmamal/sdl prebuilt binary, soft-fails, exits 0, and disables build-from-source flags.
- No credential/env harvesting or exfiltration logic found in inspected entrypoints.
- HTTP server defaults to loopback with localhost host validation; non-loopback requires explicit host/env.
- Network use found is package-aligned: local MCP/HTTP routes and optional Lospec palette fetch by user tool call.
- Dynamic imports load bundled emulator/toolchain modules or declared dependencies for ROM development.
- File writes are explicit tool outputs/project scaffolding/playtest artifacts, not persistence or agent config mutation.
Source & flagged code
7 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source references dynamic require/import behavior.
src/host/LibretroHost.jsView on unpkg · L336Package ships native binary artifacts.
src/platforms/gba/lib/libgba/crtend.oView on unpkgPackage ships non-JavaScript build or shell helper files.
src/platforms/snes/lib/pvsneslib/source/MakefileView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
src/mcp/server.jsView on unpkg