AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/lib/tools/bash.js` exposes an agent-callable shell executor.
- `dist/lib/tools/write.js` and `dist/lib/tools/edit.js` expose agent-callable file mutation.
- `dist/lib/tools/web-fetch.js` permits agent-directed arbitrary HTTP requests.
- `dist/gateway/setup.js` can install persistent user services, but only from explicit `cumulus-gateway setup` interaction.
- `dist/lib/version-check.js` can run global npm updates only through its explicit update function.
- `package.json` has no preinstall, install, or postinstall hook; `prepare` only invokes Husky.
- `dist/gateway/setup.js` asks before LaunchAgent/systemd installation and skips it for non-TTY setup.
- `dist/lib/gateway.js` spawns the configured Claude CLI for user/runtime messages rather than at import or install time.
- No inspected code showed credential harvesting, hidden exfiltration, encoded payload execution, or foreign AI-agent configuration writes.
- Gateway service and config paths are package-owned under `~/.cumulus`.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
dist/tui/hooks/useClaudeProcess.jsView on unpkg · L3This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/lib/gateway.jsView on unpkgPackage source references weak cryptographic algorithms.
dist/gateway/server.jsView on unpkg · L16Source writes installer persistence such as shell profile or service configuration.
dist/gateway/setup.jsView on unpkg · L7Package source invokes a package manager install command at runtime.
dist/lib/version-check.jsView on unpkg · L179