AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/sandbox-tool.ts` embeds a Python RPC server that runs supplied commands with `subprocess.run`.
- `src/sandbox-tool.ts` provisions authenticated Hugging Face Jobs and exposes sandbox `exec`, read, and write operations.
- `src/jobs/commands/uv-utils.ts` accepts inline or URL script sources and builds commands for a remote UV job.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `src/index.ts` only exports modules; no import-time execution is present.
- Sandbox/job actions require explicit tool invocation plus an HF token.
- Network targets are Hugging Face service endpoints; no unrelated exfiltration endpoint was found.
- No local filesystem harvesting, shell spawning in the npm host, eval, or agent-config writes were found.
Source & flagged code
3 flagged · loading source`src/sandbox-tool.ts` embeds a Python RPC server that runs supplied commands with `subprocess.run`.
src/sandbox-tool.tsView on unpkg`src/sandbox-tool.ts` provisions authenticated Hugging Face Jobs and exposes sandbox `exec`, read, and write operations.
src/sandbox-tool.tsView on unpkg`src/jobs/commands/uv-utils.ts` accepts inline or URL script sources and builds commands for a remote UV job.
src/jobs/commands/uv-utils.tsView on unpkg