AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/commands/archive.js clones https://github.com/Neetru/neetru-libs-public.git and installs/removes entries under ~/.claude/skills via explicit archive skills commands.
- dist/index.js wires archive skills install/update/uninstall as user-invoked subcommands, not install-time hooks.
- dist/lib/ai/auth-discovery.js reads ~/.claude/.credentials.json, ~/.codex/auth.json and AI provider env vars, and auth pull/setup can copy API keys into Neetru config.
- dist/lib/ai/auth-discovery.js can run npm install -g for AI CLIs, but only through interactive auth setup confirmation.
- package.json has no preinstall/install/postinstall hook; only prepublishOnly builds before publishing.
- dist/lib/telemetry.js states telemetry is default-off and sends only command metadata/installId when enabled.
- dist/lib/api-client.js defaults to https://api.neetru.com and dist/commands/config.js blocks untrusted neetruApiUrl unless explicitly overridden.
- dist/commands/deploy.js filters secret-looking env vars and dangerous env keys before deploy requests.
- No evidence of import-time exfiltration, hidden remote payload execution, persistence, or destructive install behavior.
Source & flagged code
7 flagged · loading sourcePackage contains a possible secret pattern.
dist/lib/db-pipeline/rehearse.jsView on unpkg · L68Hardcoded password in dist/lib/db-pipeline/rehearse.js
dist/lib/db-pipeline/rehearse.jsView on unpkg · L73Package source references child process execution.
dist/lib/ai/auth-discovery.jsView on unpkg · L18Package source invokes a package manager install command at runtime.
dist/lib/ai/auth-discovery.jsView on unpkg · L284Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/commands/bootstrap.jsView on unpkg · L8This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/deploy.jsView on unpkg