AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The user-invoked CLI installs and refreshes Genex-owned AI-agent skill templates in detected user agent directories. Explicit deployment commands upload selected project files and push source using user authorization.
Decision evidence
public snapshot- `dist/index.js` `genex init` copies bundled skills into `~/.claude`, `~/.codex`, or `~/.cursor`.
- Non-`init` CLI commands re-sync existing `genex-*` agent skills automatically.
- `preview`/`publish` enumerate project files and upload them after an explicit user command.
- The CLI stores `GENEX_TOKEN` in `~/.genex/env` and uses it for the configured Genex API.
- `package.json` has no `preinstall`, `install`, or `postinstall` hook.
- Agent-control writes occur only through an invoked CLI command, not package installation or import.
- Template copying preserves non-Genex files unless `--force`; managed paths are Genex-prefixed.
- Deployment excludes `.env*`, `.git`, `.genex`, `node_modules`, and `dist` from source collection/push.
- `dist/index.js` includes Sentry token/path scrubbing and telemetry opt-out controls.
- No eval, dynamic code loading, stealth persistence, or unconsented credential harvesting was found.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
dist/index.jsView on unpkg · L10A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.jsView on unpkg · L10