AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Installing the package can run `skyline setup` automatically. That command is delegated to an uninspected platform binary and is documented to install an autostart daemon plus Skyline agent plugins.
Decision evidence
public snapshot- `package.json` defines `postinstall: node postinstall.js`.
- `postinstall.js` automatically invokes `skyline setup` unless CI or opt-out env is set.
- `bin.js` resolves and executes a platform binary with the `setup` argument.
- `README.md` says setup installs an autostart daemon and marketplace plugins for agent CLIs on PATH.
- `README.md` describes plugin hooks that steer Claude away from built-in `Write`, `Edit`, and `Bash` tools.
- The JavaScript files contain no credential harvesting or filesystem enumeration.
- No network client, exfiltration endpoint, eval, or shell-string execution appears in inspected source.
- The lifecycle wrapper forwards only to the package's platform-specific binary.
- Setup failure is non-fatal and reports a visible warning.
- The documented agent integration is Skyline-branded rather than an unrelated payload.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
bin.jsView on unpkg