AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package performs unconsented install-time mutation of user AI-agent control surfaces. It drops package-supplied skills and command/prompts into agent directories during npm postinstall.
Decision evidence
public snapshot- package.json defines postinstall: node scripts/postinstall-skills.js.
- scripts/postinstall-skills.js silently copies package skills into ~/.agents/skills on every install.
- scripts/postinstall-skills.js also copies skills/commands into ~/.claude and ~/.codex when those dirs exist.
- dist/commands/install-skills.js repeats AI-agent resource installation as an explicit command.
- dist files are heavily obfuscated, increasing review difficulty.
- No credential harvesting or broad file enumeration found in inspected postinstall source.
- Network use appears aligned to MiraclePlus CLI APIs in dist/env.js and dist/api_client.js.
- bin/mplus.js only requires ../dist/index.js.
- skills/*.md describe mplus commands and API usage rather than obvious exfiltration instructions.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references dynamic require/import behavior.
bin/mplus.jsView on unpkg · L3Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/registry.jsView on unpkg · L1Install-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/postinstall-skills.jsView on unpkg · L3