AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/cli/commands/agent-commands.js explicit `agent install` writes Brainlink MCP config to ~/.codex/config.toml
- dist/cli/commands/agent-commands.js can add local Brainlink plugin symlink and marketplace entry under user home
- dist/cli/commands/write/vault-lifecycle-commands.js `quickstart` defaults to running agent integration unless --no-install-agent
- package.json has no preinstall/install/postinstall lifecycle hooks
- dist/cli/main.js only runs after CLI invocation; update check is non-blocking and configurable
- dist/application/check-package-update.js contacts npm registry only for latest version metadata and caches locally
- dist/application/vault-git-core.js uses execFile for git and rejects inline credential remotes
- dist/mcp/server.js exposes package-aligned local memory/vault tools, not hidden exfiltration
- No credential harvesting, remote payload loading, destructive install-time behavior, or broad unconsented mutation found
Source & flagged code
3 flagged · loading sourcedist/cli/commands/agent-commands.js explicit `agent install` writes Brainlink MCP config to ~/.codex/config.toml
dist/cli/commands/agent-commands.jsView on unpkgdist/cli/commands/agent-commands.js can add local Brainlink plugin symlink and marketplace entry under user home
dist/cli/commands/agent-commands.jsView on unpkgdist/cli/commands/write/vault-lifecycle-commands.js `quickstart` defaults to running agent integration unless --no-install-agent
dist/cli/commands/write/vault-lifecycle-commands.jsView on unpkg