AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time attack surface is established. Explicit agent-install commands can add Memoire-owned skills and MCP entries to supported agent configurations; startup update checking queries npm's registry only.
Decision evidence
public snapshot- `dist/agents/agent-kits.js` can write MCP/skill/plugin entries for Claude, Cursor, Codex, and Grok.
- These writes are activated by explicit `memi agent install` or initialization flows, not package installation.
- `dist/utils/update-check.js` contacts the fixed npm registry endpoint on interactive CLI startup.
- `dist/commands/self-update.js` runs a global npm install only for explicit `memi self-update` or opt-in auto-update.
- `package.json` has only `prepublishOnly`; no `preinstall`, `install`, or `postinstall` hook.
- `dist/index.js` registers commands and performs no credential harvesting or foreign config mutation on import.
- `dist/studio/design-system-trace.js` executes fixed `git` status/diff arguments with `execFile`, not a shell.
- `dist/preview/server.js` starts local Vite only when preview functionality is invoked.
- No source evidence of secret exfiltration, remote payload execution, stealth persistence, or destructive behavior.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
dist/studio/design-system-trace.jsView on unpkg · L1Package source invokes a package manager install command at runtime.
dist/preview/server.jsView on unpkg · L86Package source references weak cryptographic algorithms.
dist/research/design-package.jsView on unpkg · L210A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/utils/update-check.jsView on unpkg · L14This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/studio.jsView on unpkg