AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/daemon.js` claims remote jobs and dispatches configured local adapters.
- `dist/adapters/codexAgent.js` launches Codex with `workspace-write` for configured workspaces.
- `dist/adapters/processAgent.js` supports arbitrary configured local commands.
- `dist/adapters/httpAgent.js` posts job and wake data to a configured endpoint.
- `dist/runtime/process.js` merges parent `process.env` into launched child processes.
- `package.json` has no preinstall, install, or postinstall hook.
- No eval, dynamic module loading, native loading, persistence, or AI-config writes found.
- Codex/Claude execution requires explicit pairing and user-configured adapters/workspaces.
- `dist/bridge/server.js` binds the scoped bridge to `127.0.0.1`; handler checks a run token.
- `dist/config.js` stores its credential in a dedicated mode-0600 config file.
Source & flagged code
5 flagged · loading source`dist/daemon.js` claims remote jobs and dispatches configured local adapters.
dist/daemon.jsView on unpkg`dist/adapters/codexAgent.js` launches Codex with `workspace-write` for configured workspaces.
dist/adapters/codexAgent.jsView on unpkg`dist/adapters/processAgent.js` supports arbitrary configured local commands.
dist/adapters/processAgent.jsView on unpkg`dist/adapters/httpAgent.js` posts job and wake data to a configured endpoint.
dist/adapters/httpAgent.jsView on unpkg`dist/runtime/process.js` merges parent `process.env` into launched child processes.
dist/runtime/process.jsView on unpkg