AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `lib/usage.mjs` sends configured provider API keys as Bearer auth to a non-official configured base URL.
- `lib/usage.mjs` executes anti-bot JavaScript fragments from a gateway response with `node:vm`.
- `scripts/install.mjs` can add persistent Claude, Codex, and OpenCode integrations.
- `package.json` has no npm lifecycle scripts; installation changes require explicit `agent-tools` CLI use.
- Network targets derive from user/provider configuration and implement documented usage/quota queries.
- No hard-coded third-party exfiltration host, payload download, credential-file upload, or destructive action was found.
- Codex hook setup is explicitly disclosed and requires user approval in Codex.
Source & flagged code
3 flagged · loading sourcePackage source references child process execution.
statusline/claude/statusline.mjsView on unpkg · L12Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
statusline/claude/statusline.mjsView on unpkg · L12Package source executes code through a VM context API.
lib/usage.mjsView on unpkg · L12