AI Security Review
scanned 19h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is an MCP/social collaboration client with user-invoked setup, OAuth, local config writes, and package-aligned network calls.
Decision evidence
public snapshot- package.json has no npm lifecycle hooks; bin entrypoints are cli.js and setup.js.
- setup.js writes Claude MCP config only during user-invoked setup/TTY CLI flow, not install-time.
- setup.js registers package-aligned MCP server command npx -y slashvibe-mcp@latest and stores auth under ~/.vibe/config.json.
- index.js is an MCP server exposing vibe social/messaging tools; remote guest messages are displayed as external input with safety cautions.
- tools/_work-context.js gathers limited git/project context with execFileSync shell:false, caps, and redaction.
- tools/subscriptions.js sends the saved auth token only to configured slashvibe API for a user-invoked subscriptions tool.
Source & flagged code
7 flagged · loading sourcePackage contains a critical-looking secret pattern.
tools/_work-context.test.jsView on unpkg · L83GitHub personal access token in tools/_work-context.test.js
tools/_work-context.test.jsView on unpkg · L83Source combines credential-like environment material and outbound requests; review data flow before blocking.
tools/subscriptions.jsView on unpkg · L39Package ships non-JavaScript build or shell helper files.
hooks/check-guest-messages.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
tools/init.jsView on unpkgGitHub personal access token in tools/_work-context.manual-test.js
tools/_work-context.manual-test.jsView on unpkg · L77