AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `spur init` explicitly writes bundled config and a root `AGENTS.md` template.
- The template directs AI coding agents toward Spur commands, skills, and subagents.
- `spur agent run` and `workflow run --async` can launch configured local agent/workflow processes.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
- Writes are reached through explicit CLI commands, not import/install execution.
- Observed team HTTP calls default to `http://localhost:3000/api`; no credential-exfiltration endpoint was found.
- No first-party source evidence of secret harvesting, remote payload loading, or destructive broad filesystem behavior.
Source & flagged code
3 flagged · loading sourcePackage source references dynamic require/import behavior.
web/_astro/BoardApp.DjpO2XHn.jsView on unpkg · L4Package contains source files above the static scanner size ceiling.
spur.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
spur.jsView on unpkg