AI Security Review
scanned 15d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Global installation activates a lifecycle script that forcibly replaces the codex launcher in the npm prefix. This can hijack the AI-agent command surface for users expecting the official Codex CLI.
Decision evidence
public snapshot- package.json defines postinstall: node scripts/postinstall.mjs
- scripts/postinstall.mjs runs only on global installs then removes and replaces prefix bin launcher paths
- scripts/postinstall.mjs writes codex.cmd/codex.ps1 on Windows and symlinks prefix/bin/codex on POSIX
- bin/codex.js exposes bin name codex and spawns a platform native binary from @codexed optional packages
- README.md instructs installing official @openai/codex while this package is @codexed/codex
- No source-level credential harvesting or secret file reads found
- No runtime network code found in package source
- Postinstall is limited to global install detection and launcher replacement
- Only four package files are present and all were inspected
Source & flagged code
3 flagged · loading sourceTarball package.json differs from the npm registry version manifest for scripts or dependency sets.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkg