AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. An explicitly invoked onboarding CLI installs or updates first-party AI-agent extensions and configures Hostinger MCP servers. It also persists onboarding preferences, markers, OAuth state, and optional registry credentials under `~/.fazer-ai`. No install-time execution or covert attack chain is established.
Decision evidence
public snapshot- `dist/agents/codex.js` runs `codex mcp add` and plugin marketplace commands.
- `dist/agents/claude.js` adds MCP servers and installs/updates an `agents` plugin.
- `dist/agents/hermes-skills.js` replaces Hermes skill trees and lock entries.
- `dist/mcp.js` installs `hostinger-api-mcp@latest` under `~/.fazer-ai/mcp`.
- `dist/oauth.js` stores OAuth refresh-token cache with mode `0600`.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
- `dist/index.js` gates mutations behind explicit real CLI invocation; `--dry-run` returns before execution.
- `dist/mcp.js` does not inject the hub as an agent MCP and limits Hostinger MCP setup to a supplied token.
- No source evidence of covert exfiltration, destructive actions, eval, or remote payload execution.
- The bundled Python helpers are onboarding/deployment utilities, not import-time code.
Source & flagged code
2 flagged · loading sourcePackage ships non-JavaScript build or shell helper files.
dist/skills/agents-operation/scripts/simulate-load.pyView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/agents/hermes.jsView on unpkg