AI Security Review
scanned 23h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The explicit `h1ve serve` command starts a paired loopback agent. A paired dashboard can write/remove local environment values or apply/delete deployment-provider environment variables using credentials supplied in its request.
Decision evidence
public snapshot- `dist/index.js` exposes explicit `h1ve serve` local-agent endpoints that write/remove environment variables and alter deployment-provider secrets.
- `/apply-deploy` and `/remove-deploy` accept supplied provider tokens and can mutate Vercel, Netlify, Fly, Railway, and Render environments.
- The local agent is invoked by a user command, but it is a consequential credential/deployment mutation capability.
- `package.json` has no preinstall/install/postinstall or other lifecycle hook.
- `dist/index.js` binds the agent only to `127.0.0.1`, checks Origin/Host, and requires a random pairing token.
- Local `.env.local` writes require the target file to be git-ignored and reject path traversal.
- No source evidence of stealthy harvesting, remote payload loading, or exfiltration outside declared H1VE/provider API requests.
Source & flagged code
2 flagged · loading sourceSource combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L1188