AI Security Review
scanned 5d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Confirmed install-time mutation of AI-agent control directories. The package drops skills/plugins/commands into ~/.codex during npm postinstall, creating an unconsented agent control-surface change.
Decision evidence
public snapshot- package.json defines postinstall: node scripts/link-skills.mjs
- scripts/link-skills.mjs copies package commands/plugins into ~/.codex by default during install
- scripts/link-skills.mjs writes ~/.codex/commands and ~/.codex/plugins control-surface files without an explicit user command
- plugins/linear/skills/linear/bin/linear.mjs sends GraphQL requests to https://api.linear.app/graphql only when invoked with LINEAR_API_KEY
- No obfuscation, eval/vm/Function, native binary, or dynamic remote code loading found in searched source
- Linear network use is package-aligned and user-invoked, not install-time exfiltration
- No credential harvesting beyond reading LINEAR_API_KEY for Linear API authorization
- No destructive file operations found; unlink mode removes only installed links/copies under ~/.codex
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource writes installer persistence such as shell profile or service configuration.
plugins/linear/skills/linear/bin/linear.mjsView on unpkg · L11Install-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/link-skills.mjsView on unpkg · L5