AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The package is a user-invoked AI automation CLI with explicit commands that can install first-party Claude Code integrations and scheduled jobs. This is a real agent-extension lifecycle risk, but inspection did not find unconsented lifecycle execution, credential exfiltration, or remote payload loading.
Decision evidence
public snapshot- dist/cli/index.js has explicit `statusline install` command that edits Claude Code settings.json to run afterburner as a statusLine hook.
- dist/cli/index.js has `skill install` command copying bundled skill/SKILL.md into the user's Claude skills directory.
- dist/cli/index.js can append an afterburner statusline block to shell rc during interactive init when user accepts.
- dist/cli/index.js spawns local agent/CLI commands such as claude, codex, git/gh and scheduler commands during user-invoked workflows.
- package.json has no preinstall/install/postinstall lifecycle hooks.
- CLI actions are registered as explicit commands; no install-time mutation of Claude/Codex control surfaces was found.
- Telegram network use is package-aligned notification/setup flow and requires AFTERBURNER_TELEGRAM_TOKEN.
- `claude setup-token` output is masked on stdout and stored locally via explicit auth setup, not sent to a package-controlled endpoint.
- dist/core/index.js only re-exports core APIs from the bundled chunk; no import-time execution beyond module initialization was found.
- Setup install commands are hardened with --ignore-scripts by default unless config opts in.
Source & flagged code
7 flagged · loading sourceSource executes local commands and sends command output to an external endpoint.
dist/cli/index.jsView on unpkg · L79A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/cli/index.jsView on unpkg · L79Package source references child process execution.
dist/cli/index.jsView on unpkg · L344A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/index.jsView on unpkg · L3203Package source invokes a package manager install command at runtime.
dist/cli/index.jsView on unpkg · L3050Source writes installer persistence such as shell profile or service configuration.
dist/cli/index.jsView on unpkg · L79