AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- Root `package.json` has no lifecycle hook.
- `node/bin/install.js` starts detached daemon, monitor, and watchdog.
- Installer writes workspace `.agent` files and `.env` configuration.
- Daemon exposes local Unix socket or loopback TCP enforcement.
- No outbound HTTP client, download, or credential exfiltration found.
- No eval, vm, or remote payload execution found.
- Systemd deployment requires explicit root-run shell script.
Source & flagged code
14 flagged · loading sourcePackage contains a critical-looking secret pattern.
python/agent_character_kit/enforcer.pyView on unpkg · L248RSA private key in python/agent_character_kit/enforcer.py
python/agent_character_kit/enforcer.pyView on unpkg · L248Package source references child process execution.
node/bin/install.jsView on unpkg · L26Source writes installer persistence such as shell profile or service configuration.
node/bin/aik.jsView on unpkg · L14A single source file combines environment access, network access, and code or shell execution with blocking evidence.
node/enforcer/agent_enforcer_daemon.jsView on unpkg · L23RSA private key in node/enforcer/agent_enforcer_daemon.js
node/enforcer/agent_enforcer_daemon.jsView on unpkg · L110RSA private key in node/enforcer/agent_enforcer_daemon.js
node/enforcer/agent_enforcer_daemon.jsView on unpkg · L118RSA private key in node/enforcer/agent_enforcer_daemon.js
node/enforcer/agent_enforcer_daemon.jsView on unpkg · L295Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
python/tests/python_parity_test.pyView on unpkgPackage ships non-JavaScript build or shell helper files.
python/tests/python_parity_test.pyView on unpkgRSA private key in python/example_workspace/.agent/habits/no-credential-leak.yaml
python/example_workspace/.agent/habits/no-credential-leak.yamlView on unpkg · L18RSA private key in python/example_workspace/.agent/habits/no-credential-leak.yaml
python/example_workspace/.agent/habits/no-credential-leak.yamlView on unpkg · L34RSA private key in node/examples/.agent/habits/no-credential-leak.yaml
node/examples/.agent/habits/no-credential-leak.yamlView on unpkg · L18RSA private key in node/examples/.agent/habits/no-credential-leak.yaml
node/examples/.agent/habits/no-credential-leak.yamlView on unpkg · L34