AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/program-2NTFQ6M7.js` runs Claude/Codex CLIs for requested pipeline phases.
- It forwards an allowlisted set of AI-provider credentials to those child CLIs.
- Explicit `run`/`review` commands can operate on a GitHub issue and project worktree.
- Runtime sends provider requests to OpenRouter and repo-scoped read queries to GitHub.
- `package.json` postinstall only attempts to load `node-pty` and prints a warning on failure.
- No install hook writes files, changes agent configuration, or performs network requests.
- `dist/index.js` only checks Node.js version then loads the CLI.
- GitHub GraphQL tool rejects mutations and limits queries to the active project repository.
Source & flagged code
5 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
dist/program-2NTFQ6M7.jsView on unpkg · L2777Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/program-2NTFQ6M7.jsView on unpkg · L9752