AI Security Review
scanned 6h ago · by lpm-firewall-ai

LPM blocks this version under the AI-agent control-surface policy. Install-time lifecycle code mutates an Opencode agent skill directory in the consumer project. It plants package-supplied AI-agent instructions without an explicit user-invoked setup step.
Decision evidence
public snapshot
- package.json runs postinstall: node skills/postinstall.js
- skills/postinstall.js creates .opencode/skills under process.cwd() at install time
- skills/postinstall.js symlinks or copies package markdown skills into that agent skill directory
- Dropped skills contain agent workflow instructions for book-writing and summarization
- No credential/env harvesting found in reviewed source
- No network calls or endpoints found
- No child_process, eval, native binary, or remote code loading found
- Runtime lib/writer.js is package-aligned book outline/chapter/review/export logic
Source & flagged code
3 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (skills/postinstall.js, L5)