AI Security Review
scanned 17h ago · by lpm-firewall-ai

Install-time lifecycle code mutates AI-agent control surfaces by globally installing a bundled skill/instructions. The installed skill can cause agents to run wallet/payment setup commands in future user sessions.
Decision evidence (public snapshot)
- package.json defines postinstall: node scripts/postinstall.mjs
- scripts/postinstall.mjs runs npx skills add skills/aicard -g -y --copy during install
- scripts/postinstall.mjs fallback copies bundled skill to ~/.claude/skills/aicard without user action
- skills/aicard/SKILL.md instructs agents to always run aicard setup --check, which auto-generates and stores a wallet key
- src/update-check.mjs runs npm view on CLI startup and can spawn background npm install -g plus postinstall
- CLI code and docs are broadly aligned with virtual card, WalletConnect, and x402 payment functionality
- No source evidence of generic credential harvesting or direct exfiltration of env/files beyond payment/config flows
- Wallet transactions appear user-facing through WalletConnect or local wallet commands
Source & flagged code
6 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (scripts/postinstall.mjs, line 9)
- Package source references child process execution. (scripts/postinstall.mjs, line 12)
- Package source invokes a package manager install command at runtime. (scripts/postinstall.mjs, line 3)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (src/walletconnect.mjs)