AI Security Review
scanned 5h ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. Sensitive primitives are framework-aligned devserver, compiler, email, update-check, and project scaffolding features invoked by users.
Decision evidence
public snapshot- package.json has no preinstall/install/postinstall hook; only prepublishOnly/build scripts.
- src/cli/index.ts runs functionality only after explicit toiljs CLI commands.
- src/cli/proc.ts child_process spawn is a CLI helper with fixed/allowlisted args for install/build tooling.
- src/compiler/plugin.ts AI fetches are devtool endpoints gated by config and same-origin checks, not install-time exfiltration.
- src/compiler/docs.ts and src/cli/create.ts scaffold AGENTS.md/CLAUDE.md/.cursor files only during explicit toiljs create selection.
- tests/data-parity/generated-parity.ts spawnSync is a test fixture, not package runtime.
Source & flagged code
4 flagged · loading sourcePackage source references child process execution.
tests/data-parity/generated-parity.tsView on unpkg · L9Package source references dynamic require/import behavior.
tests/data-parity/generated-parity.tsView on unpkg · L60A single source file combines environment access, network access, and code or shell execution; review context before blocking.
build/compiler/plugin.jsView on unpkg · L1