AI Security Review
scanned 3h ago · by lpm-firewall-aiOn installation, the package creates `~/.switchboard/runtime` and invokes npm to fetch native/runtime dependencies. Its interactive CLI can later run local routing/proxy features and optionally configure Switchboard autostart; no confirmed hostile or foreign agent-control-surface mutation was found.
Decision evidence
public snapshot- `package.json` runs `hooks/postinstall.js` automatically.
- `hooks/sqliteRuntime.js` executes `npm install` for pinned `sql.js` and `better-sqlite3` in `~/.switchboard/runtime`.
- `hooks/trayRuntime.js` similarly installs pinned `systray2` on macOS/Linux.
- `src/cli/tray/autostart.js` can create OS autostart entries for Switchboard.
- Install-time writes are confined to the package-owned `~/.switchboard/runtime` directory.
- The lifecycle hook has no source evidence of credential harvesting, exfiltration, remote payload execution, or AI-agent config mutation.
- Agent-tool setup shown in `src/cli/menus/cliTools.js` is exposed through interactive CLI actions.
- Static blob/secret hints point to generated `.next-cli-build` artifacts and do not establish an attack chain.
Source & flagged code
16 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a critical-looking secret pattern.
app/.next-cli-build/server/chunks/3675.jsView on unpkg · L1RSA private key in app/.next-cli-build/server/chunks/3675.js
app/.next-cli-build/server/chunks/3675.jsView on unpkg · L1Package source references child process execution.
app/src/mitm/server.jsView on unpkg · L32A single source file combines environment access, network access, and code or shell execution; review context before blocking.
app/src/mitm/server.jsView on unpkg · L24Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
app/src/mitm/server.jsView on unpkg · L24Package source references dynamic require/import behavior.
app/server.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
src/cli/tray/autostart.jsView on unpkg · L3This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
cli.jsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
cli.jsView on unpkg · L2Package source invokes a package manager install command at runtime.
app/src/lib/updater/updater.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
src/cli/tray/tray.ps1View on unpkgPackage ships high-entropy non-source blobs.
app/.next-cli-build/server/app/favicon.ico.bodyView on unpkgPackage hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
app/.next-cli-build/server/app/favicon.ico.bodyView on unpkgRSA private key in app/.next-cli-build/server/chunks/9078.js
app/.next-cli-build/server/chunks/9078.jsView on unpkg · L1