AI Security Review
scanned 13d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a Claude Code hook logger that sends prompts and code-change metadata to a configured or default API endpoint after user setup.
Decision evidence
public snapshot- src/api.js posts prompt text, author, OS, project and file-change metadata to API_BASE.
- src/api.js default API_BASE is http://192.168.1.224:8001 unless CC_HOOKS_API_URL is set.
- bin/cli.js init writes Claude Code hook commands into ~/.claude/settings.json.
- src/api.js queues failed uploads under ~/.cc-hooks/outbox and local logs under ~/.cc-hooks/cache/logs.
- package.json postinstall runs only bin/postinstall.js, which prints setup instructions and performs no file/network actions.
- Hook installation is user-invoked via cc-hooks init and documented in README.md.
- README.md describes prompt/file-change logging, local retry cache, and ~/.claude/settings.json mutation.
- bin/cli.js uninstall removes only its own cc-hooks commands from Claude settings.
- dist/index.js eval/Function matches bundled dependency/ncc patterns; source files do not contain hidden loader logic.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/index.jsView on unpkg · L104Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L8810Package source references weak cryptographic algorithms.
dist/index.jsView on unpkg · L104This package version adds a dangerous source file absent from the previous stored version.
src/api.jsView on unpkg