AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/commands/install-skill.js` explicitly runs `npx skills add` and copies a bundled skill into Codex, CodeBuddy, and WorkBuddy skill directories.
- `.agents/skills/resto-datacli/SKILL.md` directs agents to run npm version checks, global npm installation, and local knowledge synchronization.
- `dist/commands/uninstall.js` removes skill directories for multiple AI-assistant control surfaces when explicitly invoked.
- `package.json` has only a `prepare` build script; it has no preinstall, install, or postinstall hook.
- The CLI runs only when invoked as the `resto` binary; no import-time network or filesystem mutation was found.
- Network requests implement declared authentication, report, and knowledge commands; no credential harvesting or unrelated exfiltration path was found.
- `dist/config/auth-store.js` stores the CLI auth profile locally with owner read/write permissions.
- No eval/vm/dynamic-code execution, hidden payload loading, destructive broad filesystem behavior, or stealth persistence was found.
Source & flagged code
3 flagged · loading source`dist/commands/install-skill.js` explicitly runs `npx skills add` and copies a bundled skill into Codex, CodeBuddy, and WorkBuddy skill directories.
dist/commands/install-skill.jsView on unpkg`.agents/skills/resto-datacli/SKILL.md` directs agents to run npm version checks, global npm installation, and local knowledge synchronization.
agents/skills/resto-datacli/SKILL.mdView on unpkg`dist/commands/uninstall.js` removes skill directories for multiple AI-assistant control surfaces when explicitly invoked.
dist/commands/uninstall.jsView on unpkg