AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious or install-time attack surface. This is an explicit AI developer CLI that sends user task/context to configured AI providers and can perform user-approved project actions. Its optional skill installer is user-command-only.
Decision evidence
public snapshot- `dist/bin/shark.js` runs model-proposed shell commands only through explicit `shark dev`; `--auto` suppresses prompts.
- `dist/bin/shark.js` `super --local` replaces `.agents/skills` only when the user explicitly invokes it.
- `skills/brainstorming/scripts/server.cjs` is a local HTTP/WebSocket companion with configurable non-loopback binding.
- `package.json` contains no `preinstall`, `install`, or `postinstall` hook.
- `dist/bin/shark.js` normally prompts before agent-directed create, modify, delete, and shell actions.
- Network calls target the advertised StackSpot/OpenAI-compatible provider paths; no unrelated exfiltration endpoint was found.
- Credential storage in `dist/chunk-QSDS6XH6.js` is scoped to `~/.shark-ai/credentials.json` with owner-only permissions.
Source & flagged code
3 flagged · loading sourcePackage source references weak cryptographic algorithms.
skills/brainstorming/scripts/server.cjsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
skills/systematic-debugging/find-polluter.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/bin/shark.jsView on unpkg