AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/commands/init.ts` invokes workbase initialization on explicit `agency init`.
- `src/services/WorkbaseService.ts` writes `<workbase>/AGENTS.md` and `<workbase>/.opencode/opencode.jsonc`.
- `src/commands/work.ts` explicitly launches installed `opencode` or `claude` via `execvp`.
- `src/utils/exec.ts` loads libc FFI solely to replace the process with the selected CLI.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- Agent files contain bounded workbase instructions/config references, with checksum guards before updates.
- No fetch/API client, credential harvesting, obfuscated payload, dynamic code loading, or exfiltration path was found.
- Git/GitHub network actions are explicit repository clone/fetch/push/PR commands.
Source & flagged code
4 flagged · loading source`src/commands/init.ts` invokes workbase initialization on explicit `agency init`.
src/commands/init.tsView on unpkg`src/services/WorkbaseService.ts` writes `<workbase>/AGENTS.md` and `<workbase>/.opencode/opencode.jsonc`.
src/services/WorkbaseService.tsView on unpkg`src/commands/work.ts` explicitly launches installed `opencode` or `claude` via `execvp`.
src/commands/work.tsView on unpkg`src/utils/exec.ts` loads libc FFI solely to replace the process with the selected CLI.
src/utils/exec.tsView on unpkg