AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/node/factory-node.js` can spawn Claude/Codex agents and run configured TS/TSX/Python workflows.
- `dist/orchestrator/reaper.js` can terminate registered stale agent processes with SIGTERM/SIGKILL.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `bin/factory.mjs` dynamically imports only its fixed local `dist/cli/fleet.js` entrypoint.
- `dist/mount/local-mount-preflight.js` launches relayfile only during explicit factory runtime commands.
- `dist/node/factory-node.js` restricts supplied checkout paths to configured clone paths or cloneRoot.
- No source evidence of credential harvesting, hidden remote payload loading, eval/vm execution, or hard-coded exfiltration endpoint.
Source & flagged code
3 flagged · loading sourcePackage source references dynamic require/import behavior.
bin/factory.mjsView on unpkg · L5Package ships non-JavaScript build or shell helper files.
scripts/factory-canary.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli/fleet.jsView on unpkg