AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist-cli/kai-cli.js` starts an HTTP server on `0.0.0.0` from the user-invoked CLI.
- `dist-cli/kai-cli.js` provisions PTY sessions through `node-pty`, enabling interactive local command execution.
- `dist-cli/kai-cli.js` spawns configured MCP commands with inherited environment variables.
- `dist-cli/kai-cli.js` supports remote-access tokens and package update/skill-download network flows.
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle hook.
- `bin/kai-cli.js` only validates bundled renderer files then loads the CLI entrypoint.
- No source evidence of harvesting `.ssh`, npm credentials, foreign agent configs, or stealth persistence.
- The CLI generates/displays an access token before exposing its HTTP interface; no unconsented install-time action was found.
Source & flagged code
5 flagged · loading sourcePackage source references dynamic require/import behavior.
bin/kai-cli.jsView on unpkg · L8Package ships compressed or archive-like blobs.
dist-electron/renderer/assets/diagram-MMDJMWI5-CQyMbB4C.js.gzView on unpkgPackage ships high-entropy non-source blobs.
dist-electron/renderer/assets/chunk-OYMX7WX6-89Cfdes5.js.gzView on unpkgPackage contains source files above the static scanner size ceiling.
dist-electron/renderer/assets/index-CvNq2hZf.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist-cli/kai-cli.jsView on unpkg