AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/chunk-XTZNZ7MA.mjs` defaults ACP permission requests to `autoAllowPermissionHandler`.
- `dist/chunk-XTZNZ7MA.mjs` selects an `allow_*` permission option for agent tool requests.
- `dist/chunk-XTZNZ7MA.mjs` spawns the manifest-selected CLI in caller-supplied `cwd`.
- `dist/chunk-XTZNZ7MA.mjs` advertises ACP filesystem read/write capability to the spawned agent.
- `package.json` contains no preinstall, install, or postinstall hook.
- No hard-coded network endpoint, credential exfiltration, shell downloader, or payload fetch is present.
- Environment keys are forwarded only to the spawned CLI during an explicit runtime start.
- MCP configuration writes are runtime-only, caller-provided, and restored or removed on session close.
Source & flagged code
2 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-XTZNZ7MA.mjsView on unpkgPackage source references dynamic require/import behavior.
dist/chunk-XTZNZ7MA.mjsView on unpkg · L954