AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installing the package automatically invokes `sdlc-cli install`. It writes a config if absent and deletes/replaces packaged skills under both Claude and generic agent skill directories.
Decision evidence
public snapshot- `package.json` runs `node ./dist/cli.js install || true` in `postinstall`.
- `dist/cli.js` resolves default targets to `~/.claude/skills` and `~/.agents/skills`.
- `installSkills` recursively removes then replaces each bundled skill directory at both targets.
- The automatic install path invokes skill copying without user interaction.
- Bundled `SKILL.md` files contain agent-operational instructions and are deployed to broad agent skill roots.
- The lifecycle command suppresses failures with `|| true`, reducing visibility of its mutations.
- `dist/cli.js` skips its optional global npm self-install when `npm_lifecycle_event` is `postinstall`.
- No hardcoded HTTP endpoint, credential harvesting, or exfiltration path was found in inspected sources.
- Git network operations are CLI workspace features driven by configured/user-supplied repository addresses.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
dist/cli.jsView on unpkg · L1Source fingerprint signature matches a known malicious package signature; route for source-aware review.
dist/cli.jsView on unpkg