AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package mutates broad AI-agent skill directories during npm postinstall. This creates agent instructions for multiple third-party agent surfaces without an explicit user command.
Decision evidence
public snapshot- package.json defines postinstall: node install.js
- install.js copies bundled skills into ~/.agents/skills, ~/.claude/skills, ~/.cursor/skills, and ~/.codex/skills
- install.js extracts assets/workctl-skills.zip during install and installs under a workctl skill directory
- install.js deletes ~/.workctl/cache when present
- No credential harvesting or exfiltration code found in JS sources
- No package JS network calls found
- bin/workctl.js only locates a platform optional dependency binary and spawns it on user CLI invocation
- Zip inventory contains markdown skill/reference files, not executables
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage ships high-entropy non-source blobs.
assets/workctl-skills.zipView on unpkgPackage ships compressed or archive-like blobs.
assets/workctl-skills.zipView on unpkgPackage ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.
assets/workctl-skills.zipView on unpkg