AI Security Review
scanned 4d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/chunk-AUKKMD5H.js builds and spawns live claude/codex agent commands for configured runs
- dist/chunk-AUKKMD5H.js defaultPreTrustWorktree writes ~/.claude.json trust state for a worktree before Claude execution
- dist/cli/index.js statusline install writes ~/.claude/settings.json to add an afterburner command hook
- dist/cli/index.js skill install copies bundled skill/SKILL.md into ~/.claude/skills/afterburner
- dist/cli/index.js update can run package-manager install commands when user invokes update
- package.json has no preinstall/install/postinstall lifecycle scripts
- Risky operations are CLI subcommands or configured run actions, not install-time execution
- Telegram and ntfy network calls are notification features using user-provided config/env tokens
- No source evidence of credential harvesting or sending command output to attacker-controlled endpoints
- Claude/Codex API keys are stripped from spawned agent environments in runner code
- README documents live agent behavior, skill install, update, and notification behavior
Source & flagged code
8 flagged · loading sourceSource executes local commands and sends command output to an external endpoint.
dist/cli/index.jsView on unpkg · L75A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli/index.jsView on unpkg · L75Package source references child process execution.
dist/cli/index.jsView on unpkg · L331A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/index.jsView on unpkg · L3160Package source invokes a package manager install command at runtime.
dist/cli/index.jsView on unpkg · L3016Source writes installer persistence such as shell profile or service configuration.
dist/cli/index.jsView on unpkg · L75This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-AUKKMD5H.jsView on unpkg