AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malware behavior, but the CLI has a shell-injection vulnerability in browser opening. Other risky primitives are aligned with a SystemLynx testing UI and user-connected services.
Decision evidence
public snapshot- cli/openBrowser.js builds shell command with unsanitized project_code/namespace URL and passes it to child_process.exec.
- cli/index.js disables TLS verification globally with NODE_TLS_REJECT_UNAUTHORIZED="0".
- cli/probe.js and testing-utilities/Test.class.js invoke methods on user-connected SystemLynx services from manifest/UI data.
- cookieClient.js persists captured cookies to process cwd systemview.cookies.json.
- api/Connections.js ships and mutates api/connections.json service records.
- package.json has no preinstall/install/postinstall lifecycle hooks.
- Network activity is local UI or explicit user-supplied service URLs for the package's testing/documentation CLI.
- No credential harvesting, hardcoded exfiltration endpoint, persistence, destructive install behavior, or AI-agent control-surface mutation found.
- Scanner eval/download finding is in bundled React app/library code; source inspection found no remote payload download-execute chain.
- File writes are package-aligned state/snapshot/manifest/test helper outputs triggered by CLI/UI actions.
Source & flagged code
5 flagged · loading sourceSource downloads or fetches remote code and executes it.
build/static/js/main.c7a05ef5.jsView on unpkg · L1Package source references dynamic code evaluation.
build/static/js/main.c7a05ef5.jsView on unpkg · L1Package source references dynamic require/import behavior.
cli/cookieClient.jsView on unpkg · L1Manifest entrypoint contains risky behavior absent from dist/build output.
cli/index.jsView on unpkg · L2