AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Install-time code modifies AI coding-agent instruction/control files in the consuming project. It targets `INIT_CWD` or a parent of the installed package and defaults to writing all supported agent stubs without user consent.
Decision evidence
public snapshot- `package.json` runs `node postinstall.js` on install.
- `postinstall.js` treats `INIT_CWD` as target project root.
- `postinstall.js` unconditionally detects AI-agent environments during consumer installs.
- `postinstall.js` writes project `AGENTS.md`, `CLAUDE.md`, or `.cursorrules`.
- `postinstall/detect-agent.js` defaults to `all` when no agent signal exists.
- `postinstall/agent-stubs.js` inserts package-controlled instructions into agent control files.
- No credential harvesting or exfiltration appears in lifecycle source.
- No remote code loading, eval, or binary/native loading found.
- Runtime survey API calls are package-aligned SDK behavior.
- CLI shell/package-manager actions are user-invoked commands, not lifecycle actions.
Source & flagged code
8 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/index.jsView on unpkg · L1Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli/index.jsView on unpkg · L1Package source invokes a package manager install command at runtime.
dist/cli/index.jsView on unpkg · L1Install-time source drops package-supplied AI-agent/MCP control files or instructions.
postinstall.jsView on unpkg · L24Package ships non-JavaScript build or shell helper files.
templates/docs/survey-ui/verify-agent-build.shView on unpkg