AI Security Review
scanned 3h ago · by lpm-firewall-ai
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot
- dist/cli.js registers global Claude/Cursor MCP entries during explicit `reticle init`
- dist/cli.js can spawn a detached localhost daemon and writes pid/log files under ~/.reticle
- dist/cli.js exposes MCP update tools that fetch npm latest and run npm install only after confirm:true
- dist/cli.js writes project integration files such as .reticle.json, Vite config, app/reticle-dev.tsx, or src/hooks.client.ts
- package.json has no npm lifecycle hooks, so install/import does not auto-mutate agent configs
- dist/cli.js entrypoint gates execution with isEntryPoint(); imports do not run CLI main
- MCP/daemon/network behavior is Reticle-aligned and documented in README.md
- servers bind/proxy to loopback by default and use optional tokens/origin controls
- no credential harvesting, destructive code, obfuscated payload, or unrelated exfiltration found
Source & flagged code
4 flagged
Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.js · L256