AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/index.js` exposes MCP tools that spawn and detach arbitrary local commands.
- `dist/index.js` enables `allowProcessSpawn` and browser JavaScript evaluation by default.
- `dist/index.js` persists tracked commands/logs under `~/.fennec` and can re-spawn saved commands.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- `dist/index.js` constructs an MCP server; inspection found no import-time startup or hidden payload fetch.
- Observed network literals are localhost CDP/MCP endpoints only.
- Writes are package-owned logs, sessions, workflows, exports, and tracked-process state; no foreign AI-agent config paths found.
Source & flagged code
3 flagged · loading sourcePackage source references child process execution.
dist/cdp-engine-TER6GXT6.jsView on unpkg · L6This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L14