AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/index.js imports @anthropic-ai/claude-agent-sdk and runs query() with Read/Edit/Write/Bash/Glob/Grep tools for user tasks
- dist/index.js exposes readFileAction that reads an input filePath and returns text or base64 image data
- dist/index.js has user-invoked plugin install/update flows spawning yarn/npm/npx and writing .aiditor/plugin-setup-status.json
- plugin.yaml setup handler copies aiditor-add-menu.md and may append agent-kit/plugin/INSTRUCTIONS.md
- package.json has no preinstall/install/postinstall lifecycle hooks
- Runtime shell/package-manager use is behind exported Jay actions, not import-time or install-time execution
- Network references are package-aligned: Claude Agent SDK use and npm version lookup/install for selected Jay plugins
- No credential harvesting, obfuscated payload, persistence, destructive file removal, or hardcoded exfiltration endpoint found
- AI-agent setup writes first-party AIditor guidance under agent-kit/plugin, not a foreign broad control-surface takeover
Source & flagged code
4 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L1878