AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installing the npm package can automatically invoke `skyline setup`. The documented setup changes agent-CLI plugin wiring and starts a supervised daemon without an explicit setup command from the user.
Decision evidence
public snapshot- package.json defines `postinstall: node postinstall.js`.
- postinstall.js automatically runs `bin.js setup` unless CI or an opt-out env var is set.
- bin.js resolves and executes a platform-specific opaque binary with the `setup` argument.
- README.md states setup installs an autostart daemon and marketplace plugins for agent CLIs on PATH.
- README.md says the plugin hooks redirect Claude built-in Write/Edit/Bash tools to Skyline tools.
- The JavaScript wrapper contains no credential harvesting, file enumeration, HTTP client, eval, or direct exfiltration logic.
- postinstall.js reports setup failures and does not retry or add JS-level persistence.
- The wrapper only executes a named platform package; its binary implementation is not present in this extracted package.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
bin.jsView on unpkg