AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/cli.js` runs an installer on explicit `npx` TTY invocation.
- `dist/install/mergeConfig.js` writes a `kaneo` MCP entry into selected AI-client config.
- `dist/install/targets.js` includes global Cursor and Claude Desktop configuration paths.
- `dist/install/skillsInstaller.js` copies skills and `AGENT.md` into Claude directories on explicit `skills` command.
- `package.json` has no preinstall/install/postinstall hook; only `prepublishOnly`.
- Network requests in `dist/kaneoClient.js` are authenticated Kaneo API calls.
- `dist/auth/tokenStore.js` stores only Kaneo credentials locally with mode `0600`.
- No child-process, shell, eval, dynamic loading, destructive file deletion, or hidden exfiltration was found.
- `dist/version.js` only checks the package's npm registry latest endpoint.
Source & flagged code
4 flagged · loading source`dist/cli.js` runs an installer on explicit `npx` TTY invocation.
dist/cli.jsView on unpkg`dist/install/mergeConfig.js` writes a `kaneo` MCP entry into selected AI-client config.
dist/install/mergeConfig.jsView on unpkg`dist/install/targets.js` includes global Cursor and Claude Desktop configuration paths.
dist/install/targets.jsView on unpkg`dist/install/skillsInstaller.js` copies skills and `AGENT.md` into Claude directories on explicit `skills` command.
dist/install/skillsInstaller.jsView on unpkg