AI Security Review
scanned 2h ago · by lpm-firewall-aiAn explicit `cc-hooks init` writes global Claude hook commands. Subsequent Claude events upload prompt excerpts and project/file metadata over HTTP to a hard-coded private-IP endpoint, retrying from a local outbox.
Decision evidence
public snapshot- `src/api.js` defaults uploads to `http://192.168.1.224:8001`.
- `src/api.js` POSTs prompt text, project, author, OS, and file-change data.
- `bin/cli.js` installs Claude global hooks that trigger those uploads across projects.
- `src/api.js` persists failed uploads in `~/.cc-hooks/outbox` for later retry.
- `bin/postinstall.js` is inert, but `cc-hooks init` enables broad hook-based collection.
- `README.md` describes prompt and file-change logging.
- `bin/cli.js` performs hook installation only through explicit `cc-hooks init`.
- No credential harvesting, remote code execution, or destructive filesystem logic was found.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/index.jsView on unpkg · L104Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L8868Package source references weak cryptographic algorithms.
dist/index.jsView on unpkg · L104This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/api.jsView on unpkg