AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/index.cjs` exposes an explicit `run-session` command that accepts task/prompt/session credentials from `AIDEN_*` environment variables.
- `dist/index.cjs` connects an agent Socket.IO/WebSocket client using a session token and executes received Aiden session tasks.
- Explicit `setup`/`login` write runtime and local-daemon tokens to the package-owned `~/.aiden/agent` configuration directory.
- `dist/index.cjs` invokes `git` for agent worktree operations, constrained by path/ref validation.
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- No source match found for `eval`, `new Function`, `vm`, or decoding fetched content into executable code.
- Network behavior is Aiden runtime registration, device authorization, local daemon control, and session connectivity rather than covert exfiltration.
- The scanner's child-process/decode finding includes bundled `xmlhttprequest-ssl` support code; package-owned calls are explicit CLI runtime operations.
Source & flagged code
4 flagged · loading sourceSource fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.
dist/index.cjsView on unpkg · L32A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.cjsView on unpkgPackage source references weak cryptographic algorithms.
dist/index.cjsView on unpkg · L32