registry  /  @nikolauska/cbm-axi  /  0.3.1

@nikolauska/cbm-axi@0.3.1

Agent-oriented CLI for compact codebase-memory graph queries

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.

Static reason
No blocking static signals were detected.
Trigger
User runs `cbm-axi setup hooks`.
Impact
May modify user-level Claude Code, Codex, and OpenCode hook configuration; exact target paths are not present in this package.
Mechanism
Delegated AI-agent session-hook installation.
Rationale
Source inspection found explicit user-invoked AI-agent hook setup but no stealth, install-time execution, exfiltration, remote payload loading, or destructive behavior. Downgrade to warn under the explicit-user-command agent-config-mutation policy.
Evidence
package.jsondist/cli.jsdist/commands/setup.jsdist/backend.jsREADME.mdskills/cbm-axi/SKILL.mddist/bin/cbm-axi.js

Decision evidence

public snapshot
AI called this Suspicious at 84.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `dist/commands/setup.js` exposes explicit `setup hooks` only.
  • `dist/cli.js` delegates hook installation to `axi-sdk-js`.
  • `README.md` states hooks target Claude Code, Codex, and OpenCode user sessions.
Evidence against
  • `package.json` has no preinstall, install, or postinstall hook.
  • The hook path requires an explicit CLI command and exact `hooks` argument.
  • `dist/backend.js` only spawns fixed `codebase-memory-mcp` with caller-supplied arguments.
  • No package source performs network requests, credential harvesting, eval, or destructive filesystem actions.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemShell
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 10 file(s), 19.0 KB of source

Source & flagged code

2 flagged · loading source
dist/commands/setup.jsView file
Published source reference
Medium
Ai Review Evidence

`dist/commands/setup.js` exposes explicit `setup hooks` only.

dist/commands/setup.jsView on unpkg
dist/cli.jsView file
Published source reference
Medium
Ai Review Evidence

`dist/cli.js` delegates hook installation to `axi-sdk-js`.

dist/cli.jsView on unpkg

Findings

4 Medium3 Low
MediumEnvironment Vars
MediumAi Review Evidencedist/commands/setup.js
MediumAi Review Evidencedist/cli.js
MediumAi Review Evidence
LowScripts Present
LowFilesystem
LowHigh Entropy Strings