AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `package.json` runs `postinstall`.
- `install.js` downloads and installs a platform binary.
- `lib/posthog-api-cli.mjs` exposes explicit `agents-md install`.
- The agent command calls `installAgentsMdSnippet` for an `AGENTS.md` path.
- Postinstall is limited to a fixed PostHog GitHub release URL.
- Installer writes only its own `node_modules/.bin_real` binary directory.
- No credential harvesting or unrelated-file access appears in installer sources.
- Agent-file mutation is user-invoked, not lifecycle-triggered.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage contains source files above the static scanner size ceiling.
lib/posthog-api-cli.mjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
lib/posthog-api-cli.mjsView on unpkg