AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed install-time attack surface exists. An explicit `scout init` command attempts to install a Claude skill into the current project, but its packaged source path is absent and the action fails before writing.
Decision evidence
public snapshot- `dist/commands/init.js` explicitly targets `cwd/.claude/skills` on `scout init`.
- `dist/commands/project.js` runs `npx kb-skills lint` only under `scout project health-check --kb`.
- `dist/utils/config.js` reads `~/.optima/token.json`/`OPTIMA_TOKEN` for authenticated Scout API calls.
- `package.json` has no preinstall, install, postinstall, or other lifecycle hook.
- Entrypoint wiring in `dist/index.js` registers commands; no install-time network or file action is present.
- `init.js` loads nonexistent `.claude/skills/optima-scout/SKILL.md`; bundled skill is `.claude/skills/scout/SKILL.md`, so the attempted agent-skill write does not complete as shipped.
- Network calls in `dist/utils/api.js` use configured Optima Scout endpoints and command inputs; no unrelated exfiltration found.
- No eval, VM, remote-code loader, credential harvesting beyond the service token, or destructive broad filesystem operation found.
Source & flagged code
3 flagged · loading sourcePackage source references child process execution.
dist/commands/project.jsView on unpkg · L4Package source invokes a package manager install command at runtime.
dist/commands/project.jsView on unpkg · L212This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/utils/config.test.jsView on unpkg