AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/chunk-TLN7YK7T.js` executes LLM-returned `shell_exec` commands.
- `project_scaffold` deletes an existing user-project `src/` directory before writing files.
- `dist/update-C67XPWZS.js` runs global npm install only through explicit `intellicode update`.
- API responses can direct file and shell tools after normal CLI use.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
- `dist/cli.js` activates update, init, MCP, and agent flows only from user commands.
- Shell-danger patterns and existing-file writes prompt by default.
- No fixed external exfiltration endpoint, eval/vm payload, or foreign AI-agent config mutation found.
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-TLN7YK7T.jsView on unpkgPackage source references child process execution.
dist/chunk-TLN7YK7T.jsView on unpkg · L300Package source references weak cryptographic algorithms.
dist/knowledge-VZYH555V.jsView on unpkg · L80Package source invokes a package manager install command at runtime.
dist/update-C67XPWZS.jsView on unpkg · L19