AI Security Review
scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established by source inspection. The install hook rebuilds a native dependency and runtime behavior is a Discord adapter that captures/replies to messages using configured credentials.
Decision evidence
public snapshot
- package.json defines a postinstall that deletes better-sqlite3 build directories and runs npm rebuild better-sqlite3.
- dist/index.js uses execSync only for user-invoked --reset-config to run 'usrcp setup --adapter=discord'.
- dist/index.js logs into Discord using configured token and reads USRCP_PASSPHRASE for the local ledger.
- No import-time execution: dist/index.js calls main only when require.main === module.
- Network use is package-aligned: discord.js bot login/replies and Anthropic SDK use configured user credentials.
- Config and credentials are loaded from local USRCP config/env for declared Discord adapter behavior.
- No code found that harvests arbitrary files, exfiltrates secrets, persists, or mutates AI-agent control surfaces in inspected entrypoint/manifest.
Source & flagged code
5 flagged
- Install-time lifecycle script matches a deterministic static-gate block pattern. (package.json)
- Package defines install-time lifecycle scripts. (package.json)
- Source combines command execution, command-output handling, and outbound requests; review data flow before blocking. (dist/setup.js · L46)
- Package metadata claims a different repository identity while copied source loads a runtime dependency bridge. (dist/setup.js · L169)