AI Security Review
scanned 13d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is a Claude Code/Lineman plugin that routes opted-in tool output and file-assist requests to Lineman APIs and installs product hooks/statusline behavior.
Decision evidence
public snapshot- dist/main.js is heavily obfuscated/minified and is the CLI/main entrypoint.
- hooks/session-start.mjs injects Lineman usage guidance into Claude Code sessions and discourages native file-exploration tools.
- hooks/core/statusline-install.mjs can write ~/.claude/settings.json and copy a statusline script on session start.
- package.json has no install/postinstall lifecycle scripts; bin/main run only when invoked.
- Network calls are product-aligned Lineman APIs with URL allowlisting in dist/api-url-guard.js and hooks/core/lineman-config.mjs.
- dist/token-refresh.js refreshes OAuth tokens against configured authBaseUrl and writes ~/.lineman/config.json, matching documented auth behavior.
- hooks/lineman-call.mjs sends task content to /lineman/execute only when Lineman is enabled/authenticated.
- No credential harvesting, broad filesystem exfiltration, persistence, or destructive install-time behavior found.
Source & flagged code
5 flagged · loading sourcePackage source references dynamic require/import behavior.
start.mjsView on unpkg · L33Package source references weak cryptographic algorithms.
hooks/core/tier3-transport.mjsView on unpkg · L1Package contains source files above the static scanner size ceiling.
dist/main.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/main.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
dist/token-refresh.jsView on unpkg