AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package performs user-invoked web research, optional local SearXNG Docker management, and explicit MCP configuration.
Decision evidence
public snapshot- `package.json` defines no preinstall/install/postinstall hooks.
- `dist/index.js` activates setup, uninstall, Docker, and doctor functions only via explicit CLI commands.
- `dist/watch/ssrf.js` blocks metadata hostnames, loopback, private, and link-local address ranges.
- `dist/extraction/site-extractors/amazon.js` uses invisible characters only in a cleanup regex for scraped text.
- `dist/plugins/loader.js` imports only plugins from the configured local plugins directory.
- `dist/cli/tui/config-writer.js` adds a named wigolo MCP entry only for selected agents.
Source & flagged code
7 flagged · loading sourcePackage source references child process execution.
dist/searxng/docker.jsView on unpkg · L1Package source references dynamic require/import behavior.
dist/plugins/loader.jsView on unpkg · L84Package source references weak cryptographic algorithms.
dist/search/evidence.jsView on unpkg · L1Source reaches cloud instance metadata or link-local credential endpoints.
dist/watch/ssrf.jsView on unpkg · L1Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/extraction/site-extractors/amazon.jsView on unpkg · L249A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/extraction/site-extractors/amazon.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/cli/doctor.jsView on unpkg · L62