AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/index.js` exposes authenticated SSH/SFTP, Docker, database, DNS, and object-store mutation tools.
- `dist/index.js` can run Docker commands through configured SSH servers and delete remote/S3-compatible objects.
- `dist/index.js` can read a user-selected remote env file when explicit SSH-tunnel flags are supplied.
- `package.json` has only `prepublishOnly`; no install, preinstall, or postinstall hook.
- `dist/index.js` requires an API key and SSH-key path before starting normal MCP mode.
- `dist/index.js` enforces API-key, SSH-key, role/module, tool-allowlist, and server-access checks.
- SSH keys are used for local signing or configured SSH connections; no source path sends private-key or environment contents to an unrelated host.
- Network calls target configured MG Dashboard/proxy endpoints and the explicit mijn.host API integration.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
dist/index.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.jsView on unpkg · L1