AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/index.js` implements `setup cursor --install`, which writes `~/.cursor/mcp.json`.
- `dist/index.js` implements `setup claude-code --install`, spawning `claude mcp add`.
- The installed stdio entry runs `npx -y @markdocket/cli@latest mcp`, permitting future package updates when the configured agent starts.
- CLI runtime sends authenticated API/OAuth requests to `https://app.markdocket.com`.
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- `bin/markdocket.mjs` only imports the CLI bundle after explicit bin invocation.
- Agent configuration writes require explicit `--install`; Cursor replacement additionally requires `--force` for a differing entry.
- Config/token handling is scoped to MarkDocket config and uses owner-only filesystem modes; no broad credential harvesting found.
- `eval` scanner hit is bundled AJV code generation, not package-controlled payload execution.
Source & flagged code
4 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L1228Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L2894