AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/lib/claude.js` deploys Claude settings, hooks, agents, and skills during CLI session setup.
- `dist/commands/config-sync.js` copies bundled agent-config files only after explicit `--apply`; `--force` can overwrite local edits.
- `dist/commands/sync.js` reads local Claude JSONL session records and posts them to a configured observability API.
- `dist/lib/claude.js` runs Git commands and `dist/lib/gh-remote.js` can create/push a GitHub repository after `--with-remote`.
- `package.json` has no `preinstall`, `install`, `postinstall`, `prepare`, or uninstall lifecycle hook; only `prepublishOnly`.
- `dist/index.js` exposes these behaviors as named user-invoked CLI commands rather than import-time actions.
- `dist/commands/config-sync.js` defaults to dry-run, refuses dirty Git trees by default, and skips modified files unless forced.
- Network sync defaults to `http://localhost:3100` and accepts an explicit/configured API URL; no hidden endpoint was found.
Source & flagged code
5 flagged · loading sourcePackage source references dynamic require/import behavior.
dist/index.jsView on unpkg · L45A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/commands/pr-sync.jsView on unpkg · L53Package ships non-JavaScript build or shell helper files.
dist/agent-config/hooks/git-mutation-guard.shView on unpkg