AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time attack behavior is established. When a user runs the CLI, it may discover configured Copilot extensions and fork an extension process that imports the selected local extension.
Decision evidence
public snapshot- `preloads/extension_bootstrap.mjs` dynamically imports `EXTENSION_PATH`.
- `copilot-sdk/docs/extensions.md` says the CLI discovers and forks project/user extensions.
- `copilot-sdk/index.js` can spawn the configured or bundled CLI runtime.
- `app.js` and `sdk/index.js` include project AI-agent config path handling.
- `package.json` has no preinstall, install, postinstall, or prepare hook.
- `npm-loader.js` only selects and synchronously starts the matching Copilot platform binary.
- The extension bootstrap redirects SDK imports and loads a supplied local file; no downloader or exfiltration endpoint is present.
- No package-owned persistence, destructive action, credential harvesting, or foreign control-surface mutation was confirmed.
Source & flagged code
10 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
index.jsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
index.jsView on unpkg · L8Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
index.jsView on unpkg · L8Package source references dynamic require/import behavior.
preloads/extension_bootstrap.mjsView on unpkg · L15Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
copilot-sdk/index.jsView on unpkg · L839Package ships native binary artifacts.
prebuilds/win32-x64/cli-native.nodeView on unpkgPackage contains source files above the static scanner size ceiling.
sdk/index.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
app.jsView on unpkg