I've partially audited this code and can at least confirm it has reasonable defence in depth against any kind of user input injection attacks, and there are no hardcoded DIDs or userids or attempts at platform/skyline manipulation. the list of API calls and remote servers is also constrainable.
github.com/dollspace-ga...
Aurora Prism 1.0 has been released since October. Its goal is completed and has been for months. That's why it moved on to passion projects. There's literally no reason why you can't run your own appview cheaply.
5:17 AM · Jan 11, 2026
I'm going to continue examining the code over the weekend to see if I can spot any bugs or problems, but my expectation is that I will find that regardless of your opinions of the author, that self-hosting this software does not increase your threat model if you take common-sense precautions.
Open-source means you shouldn't need to trust an author of code to run it. Eyeballs make bugs or exploits shallow.
Now, there's no guarantee that the open source code matches what is offered as a hosted service, so I would want to see audits from *any* hosted appview operator other than bsky pbllc.
and as always, if you don't trust someone, don't trust an appview HOSTED by them. but if you're doing the work to self-host and have read the code, or have had someone you trust read the code, it's probably safe enough to use regardless of who the author is.
I also do not at this time have sufficient knowledge of how it runs/scales performance-wise, and it very well may be that it only will work for a handful of users and would choke on something the size of northsky or blacksky. but not my use case as a solo PDS and hopefully solo appview operator soon
I've also verified that there is no code present for reading or writing to Bluesky's DM service (which operates separate from the public ATProto mechanisms, and is the only private data in bsky), with the exception of one moderation hook that's passed through to enable filing reports for abusive DMs
TBQH you should be a lot more concerned about the safety of any moderation lists/labellers (see the recent Trombone incident in which he added people to lists that their behaviour did not correspond with, because in his sole judgment he viewed them as "multifaceted threats" after public blowups)
and this was done not just to Doll, but also to Popehat and Will Stancil, demonstrating that this was not about community safety and was a lot more about trying to wield power over the network.
Not to say you should trust software blindly, just, priorities and threat models!
Update: no significant findings, just some generic sloppiness (not slop) because is not a professional software engineer or security professional. I wouldn't blame this on Claude or Doll, sometimes you really do need to actually enumerate potential attack surfaces to check for them.
I personally am comfortable enough to set this running with my own PDS host and JWT/OAuth credentials and move on to functional testing. although there are some ergonomics things to address which I've opened a PR for (again, Doll is not a professional SWE, it had no reason to know about ghcr.io etc)
(I'm surprised, I thought Doll was a professional programmer working on AI.)