AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `abide init-agent` in a project.
Impact
Can alter AI-agent guidance for that project after a user-invoked command.
Mechanism
Writes or refreshes a bounded Abide guide block in project-root `CLAUDE.md`.
Rationale
This is an explicit-user-command AI-agent configuration mutation, which is warn-worthy under the stated policy, not concrete malware. Source inspection found no automatic or unconsented execution chain.
Evidence
package.jsonbin/abide.tssrc/initAgent.tssrc/lib/server/runtime/maybeMountInspector.tsCLAUDE.md
Decision evidence
public snapshotAI called this Suspicious at 95.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `src/initAgent.ts` writes a marker-delimited guide into `<cwd>/CLAUDE.md`.
- `bin/abide.ts` exposes this write through the explicit `abide init-agent` command.
Evidence against
- `package.json` contains no `preinstall`, `install`, `postinstall`, or other lifecycle hook.
- The agent-file write preserves surrounding content and only replaces its own fenced block.
- No credential harvesting, exfiltration endpoint, hidden payload execution, or automatic agent-control mutation was found.
- Dynamic inspector loading is opt-in through `ABIDE_ENABLE_INSPECTOR=true` and an explicitly installed optional package.
Behavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkWebSocket
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcesrc/lib/ui/compile/parseTemplateRecovering.tsView file
57/* A line-leading static `import` in a nested script body. The `(?=\s)` requires
L58: whitespace after the keyword (sparing `import.meta` and no-space `import(...)`),
L59: and `(?!\s*\()` spares a dynamic `import (...)` written with whitespace before the
Medium
Dynamic Require
Package source references dynamic require/import behavior.
src/lib/ui/compile/parseTemplateRecovering.tsView on unpkg · L57src/devEntry.tsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @abide/abide@0.46.0
matchedIdentity = npm:QGFiaWRlL2FiaWRl:0.46.0
similarity = 0.525
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/devEntry.tsView on unpkgFindings
1 High3 Medium4 Low
HighPrevious Version Dangerous Deltasrc/devEntry.ts
MediumDynamic Requiresrc/lib/ui/compile/parseTemplateRecovering.ts
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings