AI Security Review
scanned 2h ago · by lpm-firewall-ai
LPM blocks this version under the AI-agent control-surface policy. The npm postinstall lifecycle mutates Claude Code agent control surfaces in the user's home directory without explicit user invocation. It plants package-supplied skills immediately and, for existing setups, refreshes MCP registration, hooks, and daemon supervisor state.
Decision evidence (public snapshot)
- package.json runs postinstall: node dist/bin/install.js --commands-only || true
- dist/bin/install.js postinstall path calls copySlashCommands before checking setup state
- dist/chunk-EVV2G3CW.js copies package src/commands/*.md into ~/.claude/skills/*/SKILL.md
- If a setup already exists, postinstall also registers MCP entries in ~/.claude.json and hooks in ~/.claude/settings.json
- dist/installer-EGY5GPB7.js global install mutates ~/.codex/hooks.json and ~/.codex/config.toml
- Installer creates launchd/systemd daemon supervisors and deferred restart files under user home
- Network endpoints seen are package-aligned askexe.com/api.askexe.com or local daemon endpoints
- Cloud activation in dist/chunk-OG5CXUHI.js is interactive/env-driven setup, not the postinstall path
- No evidence of arbitrary remote code download executed during postinstall; daemon uses packaged dist/lib/exe-daemon.js
Source & flagged code
13 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Package source references child process execution. (dist/chunk-75H4R62K.js, line 1)
- Source appears to send environment or credential material to an external endpoint. (dist/chunk-OG5CXUHI.js, line 22)
- A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior. (dist/chunk-OG5CXUHI.js, line 22)
- Package source references dynamic require/import behavior. (dist/chunk-XZHA3WO2.js, line 419)
- Source writes installer persistence such as shell profile or service configuration. (dist/chunk-KADUJ7PE.js, line 12)
- A single source file combines environment access, network access, and code or shell execution; review context before blocking. (dist/project-boot-27QXVGY3.js, line 8)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (dist/bin/install.js, line 92)
- This package version adds a dangerous source file absent from the previous stored version; route for source-aware review. (dist/bin/deferred-daemon-restart.js)
- Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking. (dist/bin/deferred-daemon-restart.js, line 135)
- Package ships non-JavaScript build or shell helper files. (dist/bin/exe-start.sh)