AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/commands/config_mcp.js` explicitly runs `npx add-mcp` with `@glubean/mcp@latest`.
- `config mcp --remove` can edit `~/.codex/config.toml`, `.cursor/mcp.json`, and Windsurf MCP config.
- `dist/commands/upgrade.js` runs a global npm install, but only through the explicit `glubean upgrade` command.
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- `bin/gb.js` only imports the CLI entrypoint; risky actions are registered as user-invoked commands.
- `dist/main.js` invokes MCP configuration only from `glubean config mcp`; `init` merely prints MCP setup guidance.
- `dist/update_check.js` contacts only `registry.npmjs.org` for a version check and caches it under `~/.glubean`.
- Dynamic imports in reviewed files resolve package-local modules or declared package dependencies; no remote payload loader was found.
Source & flagged code
7 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/version.jsView on unpkg · L4Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
dist/commands/config_mcp.jsView on unpkg · L34Package source invokes a package manager install command at runtime.
dist/commands/upgrade.jsView on unpkg · L43This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/load.jsView on unpkg