AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious payload or install-time attack was found. A real CLI command-injection risk exists when opening URLs because user-controlled arguments are interpolated into a shell command.
Decision evidence
public snapshot- cli/openBrowser.js passes user-controlled project_code/namespace into child_process.exec without shell escaping
- cli/index.js disables TLS verification with NODE_TLS_REJECT_UNAUTHORIZED="0" at CLI startup
- cli/cookieClient.js persists captured Set-Cookie values to ./systemview.cookies.json
- api/index.js exposes local shutdown/log/connect methods under localhost SystemView API
- package.json has no install/preinstall/postinstall lifecycle hooks
- bin cli/index.js only runs when user invokes systemview command
- network use is local SystemView API or user/manifest-supplied SystemLynx service URLs
- no credential harvesting, broad filesystem crawling, persistence, or external hardcoded exfiltration endpoint found
- build/static/js findings appear bundled React/app code, not install-time remote payload execution
Source & flagged code
5 flagged · loading sourceSource downloads or fetches remote code and executes it.
build/static/js/main.72103448.jsView on unpkg · L1Package source references dynamic code evaluation.
build/static/js/main.72103448.jsView on unpkg · L1Package source references dynamic require/import behavior.
cli/cookieClient.jsView on unpkg · L1Manifest entrypoint contains risky behavior absent from dist/build output.
cli/index.jsView on unpkg · L2