AI Security Review
scanned 2h ago · by lpm-firewall-aiInstalling the package invokes a lifecycle hook that performs a networked npm install and removes nested XMTP binding copies inside this package's dependency tree. Separately, explicit fund-session functionality can manage OpenClaw cron jobs.
Decision evidence
public snapshot- package.json defines a postinstall hook.
- scripts/pin-xmtp-bindings.cjs runs `npm install --no-save --force` during installation.
- The hook recursively removes nested `@xmtp/node-bindings` directories under its own node_modules.
- dist/cron-QMLRWDJG.js can create OpenClaw cron jobs when invoked by fund-session flows.
- The postinstall target is a fixed XMTP bindings version, not a fetched script or arbitrary URL.
- Lifecycle file scopes deletion to `@xmtp/node-bindings` beneath this CLI's node_modules.
- No eval, VM execution, shell interpolation of external input, credential harvesting, or exfiltration was found in inspected paths.
- OpenClaw operations use fixed `execFileSync` argument arrays and are command-triggered, not install-time.
- Runtime network calls in dist/agent-6IRZUPFT.js are DeFi data APIs aligned with the CLI's stated investment-agent functionality.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
dist/agent-6IRZUPFT.jsView on unpkg · L1082Package source references weak cryptographic algorithms.
dist/agent-6IRZUPFT.jsView on unpkg · L69Package source invokes a package manager install command at runtime.
scripts/pin-xmtp-bindings.cjsView on unpkg · L47This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkg