AI Security Review
scanned 2d ago · by lpm-firewall-ai
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot
- dist/health.js starts a persistent Alfe daemon with WebSocket cloud control and local IPC when CLI user runs daemon/start/install.
- dist/health.js handles cloud commands for daemon.update, runtime.update/restart, alfe.config_set, and integration command dispatch.
- dist/health.js can spawn openclaw/hermes runtimes and run npm install -g for CLI/runtime upgrades after cloud command.
- dist/health.js exposes MCP add/call/remove operations through the daemon IPC and bundler.
- dist/health.js user-invoked install writes launchd/systemd service files for persistence.
- package.json has no npm lifecycle hooks, so no install-time execution was found.
- dist/bin/gateway.js requires explicit CLI commands; default usage only prints help.
- Service persistence is behind explicit alfe-gateway install, not package install/import.
- Network endpoints derive from Alfe config/token or gateway.alfe.ai and are package-aligned.
- No credential harvesting beyond reading the Alfe API key/config needed for the gateway role was found.
- Scanner eval hit appears to be bundled library feature detection, not decoded remote payload execution.
Source & flagged code
6 flagged
- Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload. (dist/health.js, L3)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior. (dist/health.js)
- Package source references dynamic require/import behavior. (dist/health.js, L58)
- Source writes installer persistence such as shell profile or service configuration. (dist/health.js, L3)