AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/cli.mjs` installs user-selected skill content into agent skill directories and creates symlinks.
- Explicit `add` flows can synchronize agent context-file links and append managed entries to `.gitignore`.
- `dist/cli.mjs` sends opt-out telemetry containing command metadata, selected skills, and detected agent.
- The manifest version is `1.5.15.1`, inconsistent with the reviewed package-version label.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- `bin/cli.mjs` only enables Node compile cache then imports `dist/cli.mjs`.
- All filesystem mutation is reached through explicit CLI commands such as `add`, `remove`, `init`, or `update`.
- GitHub tokens are used only as Authorization for GitHub API tree requests; no token exfiltration endpoint is present.
- No eval/vm/native payload loading, credential harvesting, destructive payload, or stealth persistence was confirmed.
Source & flagged code
3 flagged · loading sourcePackage source references child process execution.
dist/_chunks/libs/common.mjsView on unpkg · L9This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.mjsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.mjsView on unpkg · L12