AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `package.json` `prepare` sets Git `core.hooksPath` when run inside a work tree.
- `dist/infra/managed-runtime-bootstrap.js` installs managed runtime files, symlinks, and an updater on Linux.
- `scripts/fased-managed-updater.mjs` downloads and activates release artifacts, then reinstalls/restarts the gateway service.
- `fased.mjs` imports and executes the CLI runtime when the user invokes `fased`.
- Scanner's bidi finding is benign: `dist/tui/tui-formatters.js` uses RTL isolate characters as named formatting constants.
- No `preinstall`, `install`, or `postinstall` lifecycle hook is declared.
- Managed bootstrap is reached from explicit `fased update` and `gateway install` command paths.
- Updater endpoints are fixed package-aligned GitHub Releases and npm registry URLs.
- `dist/infra/net/ssrf.js` blocks private, internal, special-use, and resolved private addresses.
- No inspected source showed credential harvesting, covert exfiltration, eval-based payload execution, or foreign AI-agent configuration writes.
Source & flagged code
8 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/infra/git-commit.jsView on unpkg · L19Package source references weak cryptographic algorithms.
extensions/voice-call/src/webhook-security.tsView on unpkg · L76Source reaches cloud instance metadata or link-local credential endpoints.
dist/infra/net/ssrf.jsView on unpkg · L2Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/tui/tui-formatters.jsView on unpkg · L18Package ships non-JavaScript build or shell helper files.
scripts/fased-managed-launcher.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/plugin-sdk/config-schema-BrkmtFxB.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/infra/managed-runtime-bootstrap.jsView on unpkg