AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious attack surface is established, but the package has substantial explicit setup capability for a Claude/S4L agent extension. It can register MCP servers, create browser profiles, install runtime dependencies, and schedule local jobs when the user runs setup commands.
Decision evidence
public snapshot- bin/cli.js init/update writes ~/.claude skills, browser-agent configs, MCP server files, and registers Claude MCP servers.
- bin/cli.js installBrowserHarness runs curl installer, pip installs, git clone/fetch/reset, uv tool install, and npm install in owned MCP dir.
- mcp/install.mjs writes Claude Desktop and Claude Code MCP config entries, with backups.
- browser-agent-configs/*.json define MCP servers that launch npx @playwright/mcp or uv-run browser-harness.
- bin/cli.js generatePlists creates launchd jobs including updater and overlay/watch jobs under ~/social-autoposter/launchd.
- package.json has no preinstall/install/postinstall lifecycle hooks; activation is via explicit CLI commands such as init/update/install-runtime.
- No source evidence of credential exfiltration; cookie export/import is explicit command-only in bin/cookie-helper.js.
- Remote dependency actions are package-aligned setup for S4L/browser-harness and pinned where browser-harness commit is fetched.
- Claude config mutation is first-party package-owned agent/MCP setup, not unconsented install-time mutation of a broad foreign agent surface.
Source & flagged code
7 flagged · loading sourcePackage source references child process execution.
bin/cookie-helper.jsView on unpkg · L13Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
bin/cookie-helper.jsView on unpkg · L31Package source references dynamic require/import behavior.
bin/cookie-helper.jsView on unpkg · L13Source writes installer persistence such as shell profile or service configuration.
bin/scheduler/launchd.jsView on unpkg · L4This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/cli.jsView on unpkgPackage source invokes a package manager install command at runtime.
bin/cli.jsView on unpkg · L848Package ships non-JavaScript build or shell helper files.
skill/dm-outreach-reddit.shView on unpkg