AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `sanity mcp configure` detects AI editors and can write their MCP configuration.
- `writeMCPConfig.js` creates parent directories and writes a `Sanity` server entry.
- `sanity skills install` runs bundled `skills add sanity-io/agent-toolkit ... -g -y`.
- MCP configuration targets `https://mcp.sanity.io` and may add a bearer token.
- `package.json` has no preinstall/install/postinstall/prepare lifecycle hooks.
- `bin/run.js` only enforces Node version then starts the Oclif CLI.
- MCP setup prompts for editor selection unless explicitly run in auto mode.
- Update checking only fetches package-version metadata in a detached worker.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/util/update/updateChecker.jsView on unpkg · L1Package source references shell execution.
dist/util/packageManager/installationInfo/detectGlobals.jsView on unpkg · L1Package source references weak cryptographic algorithms.
dist/actions/manifest/writeWorkspaceFiles.jsView on unpkg · L1Package source invokes a package manager install command at runtime.
dist/commands/codemod.jsView on unpkg · L118