registry  /  vibe-lm  /  0.2.4

vibe-lm@0.2.4

A comprehensive set of agentic tools for LM Studio: file operations, web fetching/search, memory, SSH, and an autonomous vibe_bridge keep-alive loop.

AI Security Review

scanned 4h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is an LM Studio agent-tool extension with explicit runtime file, shell, SSH, web, and memory capabilities; it has no install hook or foreign agent-control-surface mutation.

Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
LM Studio loads the plugin; individual capabilities require registered-tool invocation.
Impact
Enabled tools can perform their declared actions, but no covert payload, credential exfiltration, or install-time persistence was found.
Mechanism
User/model-invoked agent tools and package-owned session persistence.
Rationale
Direct source inspection shows a featureful but overt LM Studio agent extension, not a malicious chain. Scanner signals map to a source ZIP, package-owned persistence, and declared runtime tools rather than stealthy behavior.
Evidence
package.jsonsrc/index.tssrc/toolsProvider.tssrc/toolSettings.tsrelease/vibeLM-v0.2.4.ziptests/test_build.sh
Network endpoints2
localhost:${LMSTUDIO_API_PORT}/v1/modelslocalhost:8394/search

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with medium false-positive risk.
Evidence for block
    Evidence against
    • package.json declares no npm lifecycle hook.
    • src/index.ts only probes LM Studio on localhost before registration.
    • Persistence is limited to package-owned LM Studio data paths.
    • Shell, SSH, web, and file functions are explicit runtime tools.
    • release/vibeLM-v0.2.4.zip contains matching source/build assets.
    • tests/test_build.sh is an inert placeholder script.
    Behavioral surface
    Source
    ChildProcessCryptoEnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 18 file(s), 428 KB of source, external domains: example.com, one.com, search.example.com, two.com

    Source & flagged code

    9 flagged · loading source
    dist/toolsProvider.jsView file
    matchType = previous_version_dangerous_delta matchedPackage = vibe-lm@0.2.3 matchedIdentity = npm:dmliZS1sbQ:0.2.3 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
    High
    Previous Version Dangerous Delta

    This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

    dist/toolsProvider.jsView on unpkg
    69const toolSettings_1 = require("./toolSettings"); L70: const LMSTUDIO_API_PORT = process.env.LMSTUDIO_API_PORT || "1234"; L71: const API_BASE = `http://localhost:${LMSTUDIO_API_PORT}`; L72: // Persistent runtime data lives under extensions/data, NOT extensions/plugins — `lms dev --install` ... L298: } L299: const data = await resp.json(); L300: if (!data?.data?.length) { ... L1046: // Classify a tool result into a coarse outcome plus a short human-readable detail. Shell tools report L1047: // success/failure through the command's exitCode (a failed command still returns ok:true at the tool L1048: // layer), so they're inspected specially; everything else keys off the tool's own ok flag. ... L1458: ok: true, L1459: data: {
    Medium
    Install Persistence

    Source writes installer persistence such as shell profile or service configuration.

    dist/toolsProvider.jsView on unpkg · L69
    tests/test_build.shView file
    path = tests/test_build.sh kind = payload_in_excluded_dir sizeBytes = 1418 magicHex = [redacted]
    High
    Payload In Excluded Dir

    Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

    tests/test_build.shView on unpkg
    path = tests/test_build.sh kind = build_helper sizeBytes = 1418 magicHex = [redacted]
    Medium
    Ships Build Helper

    Package ships non-JavaScript build or shell helper files.

    tests/test_build.shView on unpkg
    release/vibeLM-v0.2.4.zipView file
    path = release/vibeLM-v0.2.4.zip kind = high_entropy_blob sizeBytes = 145095 magicHex = [redacted]
    High
    Ships High Entropy Blob

    Package ships high-entropy non-source blobs.

    release/vibeLM-v0.2.4.zipView on unpkg
    path = release/vibeLM-v0.2.4.zip kind = compressed_blob sizeBytes = 145095 magicHex = [redacted]
    Medium
    Ships Compressed Blob

    Package ships compressed or archive-like blobs.

    release/vibeLM-v0.2.4.zipView on unpkg
    path = release/vibeLM-v0.2.4.zip kind = nested_archive_needs_inspection sizeBytes = 145095 magicHex = [redacted]
    Low
    Nested Archive Needs Inspection

    Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.

    release/vibeLM-v0.2.4.zipView on unpkg
    tests/cascade.test.tsView file
    388patternName = generic_password severity = medium line = 388 matchedText = { host: ..." },
    Medium
    Secret Pattern

    Hardcoded password in tests/cascade.test.ts

    tests/cascade.test.tsView on unpkg · L388
    tests/tools.test.tsView file
    153patternName = generic_password severity = medium line = 153 matchedText = password...nt",
    Medium
    Secret Pattern

    Hardcoded password in tests/tools.test.ts

    tests/tools.test.tsView on unpkg · L153

    Findings

    3 High8 Medium5 Low
    HighShips High Entropy Blobrelease/vibeLM-v0.2.4.zip
    HighPayload In Excluded Dirtests/test_build.sh
    HighPrevious Version Dangerous Deltadist/toolsProvider.js
    MediumNetwork
    MediumEnvironment Vars
    MediumInstall Persistencedist/toolsProvider.js
    MediumShips Build Helpertests/test_build.sh
    MediumShips Compressed Blobrelease/vibeLM-v0.2.4.zip
    MediumStructural Risk Force Deep Review
    MediumSecret Patterntests/cascade.test.ts
    MediumSecret Patterntests/tools.test.ts
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings
    LowNested Archive Needs Inspectionrelease/vibeLM-v0.2.4.zip