AI Security Review
scanned 1d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Static reason
No blocking static signals were detected.
Trigger
User runs `lgtm setup` or `lgtm install`; enabled MCP/plugin invokes `dist/cli.mjs`.
Impact
User-approved agent integration changes; no unconsented install-time mutation confirmed.
Mechanism
Explicit agent-plugin installation and localhost review server.
Rationale
No concrete malicious behavior was found, but the package provides explicit commands that mutate AI-agent extension configuration. Per policy, that user-invoked agent-control capability warrants a warning rather than a block.
Evidence
package.jsondist/cli.mjsdist/pi/lgtm.mjs.mcp.json.mcp.claude.json.codex-plugin/plugin.jsonbin/lgtm.mjsskills/lgtm/SKILL.md
Network endpoints1
github.com/rendotdev/lgtm
Decision evidence
public snapshotAI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `dist/cli.mjs` exposes explicit `lgtm setup`/`install` commands.
- Setup spawns `pi`, `claude`, or `codex` plugin-install commands.
- Claude setup adds `https://github.com/rendotdev/lgtm` marketplace then installs `lgtm@rendotdev`.
- Package ships MCP/plugin manifests that execute `dist/cli.mjs` when enabled.
Evidence against
- `package.json` has no preinstall, install, or postinstall hook.
- Integration mutation requires an explicit CLI setup/install command.
- Review server binds only to `127.0.0.1` and reports a localhost URL.
- No credential harvesting, remote payload loading, or non-local exfiltration was found.
Behavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShell
HighEntropyStringsMinifiedObfuscatedUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcedist/web/assets/vue-vine-BoACsSsE.jsView file
1import{t as e}from"./javascript-wR_EsWTm.js";import{t}from"./css-Cn28CBri.js";import{t as n}from"./scss-DtdZojWh.js";import r from"./postcss-BXeXVLqQ.js";import i from"./less-DVTAw...
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/web/assets/vue-vine-BoACsSsE.jsView on unpkg · L1dist/web/assets/geist-mono-vietnamese-wght-normal-D8KDMBhC.woff2View file
•path = dist/web/assets/geist-mono-vietnamese-wght-normal-D8KDMBhC.woff2
kind = high_entropy_blob
sizeBytes = 7716
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
dist/web/assets/geist-mono-vietnamese-wght-normal-D8KDMBhC.woff2View on unpkgFindings
1 High4 Medium6 Low
HighShips High Entropy Blobdist/web/assets/geist-mono-vietnamese-wght-normal-D8KDMBhC.woff2
MediumDynamic Requiredist/web/assets/vue-vine-BoACsSsE.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License