AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `mcp/init.mjs` is an executable bin that writes cwd `.mcp.json`.
- `mcp/init.mjs` also adds its server to `.claude/settings.json` when `.claude` exists.
- `mcp/server.mjs` writes `components.json` beside the installed package at startup.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- MCP configuration writes occur only when the user explicitly invokes the `design-system` bin.
- `mcp/server.mjs` reads local `dist/manifest.json` and uses stdio transport; no network client/endpoints found.
- Published UI entrypoints contain component exports and no Node built-in imports or shell execution.
Source & flagged code
3 flagged · loading source`mcp/init.mjs` is an executable bin that writes cwd `.mcp.json`.
mcp/init.mjsView on unpkg`mcp/init.mjs` also adds its server to `.claude/settings.json` when `.claude` exists.
mcp/init.mjsView on unpkg`mcp/server.mjs` writes `components.json` beside the installed package at startup.
mcp/server.mjsView on unpkg