AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The npm postinstall hook automatically invokes skyline setup, which the package documentation describes as installing an autostart daemon and agent CLI plugins. That is unconsented install-time mutation of a broad AI-agent control surface.
Decision evidence
public snapshot- package.json defines postinstall: node postinstall.js.
- postinstall.js runs bin.js with setup during npm lifecycle unless CI or SKYLINE_NO_AUTO_SETUP is set.
- bin.js resolves a platform optional package and spawnSync executes its skyline binary with inherited stdio.
- README.md says skyline setup installs a supervised autostart daemon and best-effort installs agent CLI marketplace plugins.
- README.md instructs registering an MCP server on localhost port 7333 for AI clients.
- No JS source contains credential harvesting, file enumeration, fetch/http client code, eval/vm, or encoded payloads.
- Network URLs in package source are documentation/repository links only.
- Wrapper behavior is package-aligned CLI dispatch to declared optional platform packages.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
bin.jsView on unpkg