AI Security Review
scanned 4d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malware behavior, but the package is an AI-agent platform extension that can install package-managed OpenCode agents and automate ClickUp/GitHub/OpenCode workflows when activated. Residual risk is platform extension lifecycle and dangerous agent-facing tooling, not unconsented npm install compromise.
Decision evidence
public snapshot- dist/index.js config hook writes package-managed agent markdown into process.env.OPENCODE_CONFIG_DIR/agents
- dist/index.js starts ClickUp/GitHub webhook listener and assignment watchdog when configured and runtime owner
- dist/index.js exposes QA tools that evaluate user-supplied browser/CDP scripts via new Function
- dist/sanitize_cli.js user-invoked bin can SSH to a host and mutate discovered OpenCode worktree metadata
- package.json has no npm lifecycle install hooks
- package.json declares an OpenCode plugin and bin, matching the package purpose
- Network calls are ClickUp/GitHub/OpenCode/localhost/ChatGPT QA endpoints tied to documented Optima workflow features
- Writes are guarded by plugin activation/config or explicit CLI/tool use, not automatic npm install
- No credential harvesting or exfiltration path found; secrets are resolved for configured API/webhook clients and redacted in logs
- sanitize CLI defaults to a Defend OpenCode DB path and supports dry-run; remote SSH is explicit via --host
Source & flagged code
5 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L15489Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L14933Package source references dynamic require/import behavior.
scripts/optima-sanitize-host.jsView on unpkg · L9Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/sanitize_cli.jsView on unpkg · L2592