AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- lib/codex/install.js explicitly writes Codex config/hooks and project AGENTS.md when user runs `dashclaw install codex`.
- lib/claude/install.js explicitly writes Claude Code hook settings and hook credentials when user runs `dashclaw install claude`.
- lib/code/ingest.js and lib/code/ingest-codex.js can read local agent transcript JSONL files and POST/write them on explicit ingest commands.
- package.json has no preinstall/install/postinstall lifecycle scripts.
- bin/dashclaw.js only dispatches user-invoked CLI commands; no import-time install or config mutation seen.
- Network calls are DashClaw-aligned: configured baseUrl, hosted.dashclaw.io trial, registry.npmjs.org, api.github.com, codeload.github.com.
- lib/env.js fetches managed secrets from the configured DashClaw instance and injects them only into a user-supplied child process; comments and code avoid printing values.
- Runtime `npm install` in lib/up/run.js is part of explicit `dashclaw up` local app provisioning, not install-time execution.
Source & flagged code
4 flagged · loading sourcePackage source invokes a package manager install command at runtime.
lib/up/run.jsView on unpkg · L2This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/up/index.jsView on unpkg