AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installation mutates the consuming project's AI-agent instruction files. With no detected agent, it writes all supported control files by default. This is an unconsented postinstall modification of a broad foreign AI-agent control surface.
Decision evidence
public snapshot- `package.json` runs `node postinstall.js` on installation.
- `postinstall.js` activates for consumer installs under `node_modules` and targets `INIT_CWD` or the consumer project root.
- `postinstall/detect-agent.js` defaults to `all` when no agent environment is detected.
- `postinstall.js` writes project-root `AGENTS.md`, `CLAUDE.md`, and `.cursorrules` without user confirmation.
- `postinstall/agent-stubs.js` injects instructions directing coding agents to package-owned `templates/AGENT.md`.
- The postinstall source contains no network request, credential harvesting, shell execution, or destructive file deletion.
- Written stubs are small redirects to a package-local document rather than a remote payload.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/index.jsView on unpkg · L1Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli/index.jsView on unpkg · L1Package source invokes a package manager install command at runtime.
dist/cli/index.jsView on unpkg · L1Source file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/cli/index.jsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
dist/cli/index.jsView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
postinstall.jsView on unpkg · L24Package ships non-JavaScript build or shell helper files.
templates/docs/survey-ui/verify-agent-build.shView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/cli/index.mjsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/index.jsView on unpkg