AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The explicit `synapse install --write` command persists a package-owned shell/Claude Code integration. The explicit `synapse setup --write` command may download and execute Ollama's Linux installer.
Decision evidence
public snapshot- `lib/install.mjs` persists shell startup sourcing and modifies `~/.claude/settings.json` plus `~/.claude/CLAUDE.md` when explicitly run with `synapse install --write`.
- `lib/setup.mjs` can execute `curl -fsSL https://ollama.com/install.sh | sh` on Linux, but only after an interactive confirmation or explicit `--write`/`--yes`.
- `agents.sh` provides persistent AI-agent launch and gate controls once the user sources it.
- `package.json` has no npm lifecycle hooks, so installation does not execute package code.
- `lib/install.mjs` defaults to a printed dry run; its writes require explicit `--write`.
- `lib/setup.mjs` is advisory off-TTY and prompts by default before installing Ollama or pulling a model.
- Embedding traffic defaults to local Ollama at `http://localhost:11434`; no credential harvesting or exfiltration was found.
- CLI dynamic import is restricted to a fixed command-to-file map in `bin/synapse.mjs`.
Source & flagged code
7 flagged · loading sourcePackage source references dynamic require/import behavior.
bin/synapse.mjsView on unpkg · L74A single source file combines environment access, network access, and code or shell execution with blocking evidence.
lib/setup.mjsView on unpkg · L48Source downloads or fetches remote code and executes it.
lib/setup.mjsView on unpkg · L17Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
lib/setup.mjsView on unpkg · L17This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/install.mjsView on unpkg