AI Security Review
scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface. Risky primitives are tied to explicit scaffold/AI-tool functionality and require user invocation, not install or import execution.
Decision evidence
public snapshot
- apps/startx-cli/src/commands/package.ts can write files and optionally spawn a package-manager install after user CLI prompts
- packages/aix/src/tools/system/index.ts exposes user-invoked VM JavaScript tools inside bundled AI framework
- packages/aix/src/providers/providers.ts contains AI provider endpoints for anthropic/groq/cerebras
- package.json has no install/preinstall/postinstall lifecycle hooks
- package.json bin only points to apps/startx-cli/dist/index.mjs CLI
- apps/startx-cli/src/index.ts only registers ping/init/package commands; no import-time payload
- apps/startx-cli/src/commands/init.ts and package.ts implement scaffolding/copying of selected templates into a user-chosen workspace
- No credential harvesting, persistence, destructive import-time behavior, or exfiltration found
- apps/cli/src/commands/common/hashing.ts only hashes/compares user-supplied strings locally
Source & flagged code
6 flagged
- Package contains a possible secret pattern.
  apps/cli/src/commands/common/hashing.ts (L27)
- Package source references a known benign dynamic code generation pattern.
  packages/aix/src/lib/convertor/variable-resolver.ts (L129)
- Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
  apps/startx-cli/dist/index.mjs (L177)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
  apps/startx-cli/dist/index.mjs
- Package source references dynamic require/import behavior.
  apps/startx-cli/dist/index.mjs (L61)
- Package source executes code through a VM context API.
  packages/aix/src/tools/system/index.ts (L233)