AI Security Review
scanned 12d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package modifies AI-agent control surfaces during npm install by installing its bundled skill globally or into Claude Code. That skill can steer future agent behavior toward installing/running aigateway and initiating wallet/payment flows without the user invoking the CLI first.
Decision evidence
public snapshot- scripts/postinstall.mjs install-time runs npx skills add -g -y --copy on package skill.
- scripts/postinstall.mjs fallback copies skills/aigateway to ~/.claude/skills/aigateway.
- skills/aigateway/SKILL.md instructs agents to run wallet-init unconditionally and npm install -g if missing.
- skills/aigateway/SKILL.md instructs paid x402 calls and OKX wallet authentication flows.
- package.json exposes a CLI for wallet and paid AI gateway operations; network/payment behavior is package-aligned.
- bin/cli.mjs imports command modules only on explicit command actions.
- src/okx-wallet.mjs wraps onchainos for user wallet login/sign/send, aligned with documented wallet mode.
- No credential harvesting/exfiltration or destructive filesystem behavior confirmed in inspected files.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/postinstall.mjsView on unpkg · L9Package source references child process execution.
scripts/postinstall.mjsView on unpkg · L12Package source invokes a package manager install command at runtime.
scripts/postinstall.mjsView on unpkg · L3This package version adds a dangerous source file absent from the previous stored version.
src/okx-wallet.mjsView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
src/okx-wallet.mjsView on unpkg · L7Source file is highly similar to a previously finalized malicious package; route for source-aware review.
src/okx-wallet.mjsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
src/okx-wallet.mjsView on unpkgPackage ships high-entropy non-source blobs.
src/assets/fonts/sf-pro-display_medium_500.woff2View on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
src/walletconnect.mjsView on unpkg