AI Security Review
scanned 9d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Install-time lifecycle code mutates the user's GoodVibes agent control surface by deploying global/project-independent agent instructions. This is unconsented AI-agent control-surface mutation even though much of the package functionality is otherwise product-aligned.
Decision evidence
public snapshot- package.json runs preinstall and postinstall lifecycle scripts.
- scripts/postinstall.js copies bundled .goodvibes/skills and .goodvibes/agents into ~/.goodvibes/tui on install.
- scripts/postinstall.js copies .goodvibes/GOODVIBES.md into ~/.goodvibes/GOODVIBES.md if absent.
- .goodvibes/GOODVIBES.md contains mandatory agent directives controlling planning, parallelism, test behavior, and file-reading behavior.
- .goodvibes/agents/reviewer.md installs an agent instruction file that constrains reviewer behavior and output.
- postinstall also downloads executable release binaries into vendor/ and chmods them.
- scripts/check-bun.sh only checks Bun availability.
- Release binary URL is derived from the declared GitHub repository and version.
- Downloaded binaries are checked against SHA256SUMS when checksums are present.
- Most child_process/network use is product-aligned CLI, daemon, verifier, provider, and sandbox functionality.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains a possible secret pattern.
src/panels/builtin/session.tsView on unpkg · L35Package source references child process execution.
bin/launcher-support.jsView on unpkg · L2Package source references dynamic require/import behavior.
src/input/commands/hooks-runtime.tsView on unpkg · L120A single source file combines environment access, network access, and code or shell execution; review context before blocking.
src/verification/live-verifier.tsView on unpkg · L89Source writes persistence or remote-access backdoor material.
src/runtime/sandbox-public-gaps.tsView on unpkg · L2Package ships non-JavaScript build or shell helper files.
scripts/check-bun.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/cli/completions/generate.tsView on unpkgHardcoded password in src/runtime/onboarding/apply.ts
src/runtime/onboarding/apply.tsView on unpkg · L91