AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/cli.js implements explicit `dbgraph install` config mutation.
- The command writes MCP entries invoking `npx -y -p @elkindev/dbgraph dbgraph-mcp`.
- Target configs include Claude, Cursor, Gemini, VS Code, opencode, and Codex.
- dist/mcp.js starts an MCP server only when its bin is invoked.
- package.json has no preinstall, install, postinstall, or prepare lifecycle hook.
- CLI startup is guarded by a direct-bin invocation check.
- Agent-config writes require the explicit `install` command.
- No package-owned credential exfiltration endpoint was found.
Source & flagged code
8 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L316Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L389Package source references weak cryptographic algorithms.
dist/index.jsView on unpkg · L316Source reaches cloud instance metadata or link-local credential endpoints.
dist/lib-UM52B2AB.jsView on unpkg · L83Package contains source files above the static scanner size ceiling.
dist/tedious-3WZBQM6C.jsView on unpkg