AI Security Review
scanned 59m ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package performs an npm postinstall mutation of a foreign AI-agent control surface by copying its bundled Claude Code skill into the user's home directory. It also patches installed Ink dependency files under node_modules.
Decision evidence
public snapshot- package.json runs postinstall: node scripts/postinstall.cjs || true
- scripts/postinstall.cjs writes package skill to ~/.claude/skills/orch/SKILL.md during npm install
- scripts/postinstall.cjs mutates dependency files under node_modules/ink/build at install time
- skills/orch/SKILL.md is packaged agent-facing instruction content for Claude Code
- No network calls or endpoint use in scripts/postinstall.cjs
- Postinstall catches errors and only shows banner in interactive stderr
- Main package purpose is AI-agent orchestration with Claude/Codex/Cursor/OpenCode bins
- No credential harvesting or exfiltration found in inspected install script
Source & flagged code
6 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source references dynamic require/import behavior.
dist/chunk-6DWHQPTE.jsView on unpkg · L9Install-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/postinstall.cjsView on unpkg · L1Manifest entrypoint contains risky behavior absent from dist/build output.
scripts/postinstall.cjsView on unpkg · L13Package ships non-JavaScript build or shell helper files.
scripts/release.shView on unpkg