adventure

This package does not contain clear malware (no hidden backdoor, obfuscated payload, or network beacon designed to exfiltrate secrets). However, it contains high-risk patterns that can be exploited in a supply-chain or untrusted-content scenario: notably eval() of guard strings from world data and client-side use of user API keys for third-party AI services. If world.json/ROOM.yml files or other registry data are untrusted, an attacker can execute arbitrary code in the engine context, manipulate game state, or cause unintended network requests. Recommend: avoid loading untrusted world data, remove or sandbox eval usage (use a safe expression evaluator or predefined hooks), never embed API keys directly into client-side code, validate and sanitize model responses before JSON.parse and before using them to affect game logic.

The documented codebase contains several high-risk patterns that enable remote or local compromise when untrusted world data or user-supplied content is used: runtime evaluation of code fields (JS and Python) allows arbitrary code execution; postMessage('*') in OAuth flows and insecure DOM insertion enable token leakage and XSS-driven exfiltration; path concatenation from merge operations enables path traversal and arbitrary file writes. These are not necessarily intentionally malicious, but they are dangerous design choices for a package that loads external worlds or runs as a web service. Immediate mitigations: avoid eval/new Function where possible or implement a strict sandbox/allow-list, restrict postMessage targets and validate origins on sender side, escape/sanitize all HTML inserted from data, sanitize file write targets and reject path traversal, stop storing secrets in localStorage or use secure vaults, and avoid including API keys in URLs. Overall, this is a high-attack-surface project with legitimate functionality but multiple actionable security issues that should be fixed before accepting untrusted inputs or running as a multi-user service.