AI Security Review
scanned 11h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is an MCP social/collaboration server with user-invoked setup and authenticated runtime network features.
Decision evidence
public snapshot- setup.js user-invoked setup writes Claude MCP config under home config paths and registers npx slashvibe-mcp@latest.
- index.js starts presence heartbeat and guest-message polling when run as MCP server for an initialized user.
- tools/cc-insights.js can upload Claude Code insight JSON, but only via explicit vibe_cc_upload tool.
- package.json has no preinstall/install/postinstall lifecycle hooks.
- cli.js routes TTY use to setup.js or MCP server; no install-time execution.
- Network calls are package-aligned to slashvibe.dev, local OAuth callback, Matrix local bot, Twitter/X, Farcaster, Telegram, Discord, and Vibe L2 endpoints.
- tools/_work-context.test.js contains synthetic secret patterns for redaction tests, not live credentials.
- config.js stores package auth/session state in ~/.vibe and does not harvest unrelated credentials.
- No broad lifecycle mutation, persistence hook, destructive action, or remote code execution found.
Source & flagged code
7 flagged · loading sourcePackage contains a critical-looking secret pattern.
tools/_work-context.test.jsView on unpkg · L83GitHub personal access token in tools/_work-context.test.js
tools/_work-context.test.jsView on unpkg · L83Source combines credential-like environment material and outbound requests; review data flow before blocking.
tools/subscriptions.jsView on unpkg · L39Package ships non-JavaScript build or shell helper files.
hooks/check-guest-messages.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
tools/init.jsView on unpkgGitHub personal access token in tools/_work-context.manual-test.js
tools/_work-context.manual-test.jsView on unpkg · L77