AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installation triggers an automatic `skyline setup` invocation. The invoked platform binary is documented to install an autostart daemon and plugins/hooks into AI-agent CLIs found on PATH, without an explicit user command.
Decision evidence
public snapshot- `package.json` registers `postinstall: node postinstall.js`.
- `postinstall.js` automatically runs `bin.js setup` unless CI or `SKYLINE_NO_AUTO_SETUP` is set.
- `bin.js` resolves and executes a platform-specific Skyline binary with the `setup` argument.
- `README.md` states setup installs an autostart daemon and Skyline marketplace plugins for agent CLIs on PATH.
- `README.md` says its Claude plugin uses hooks to steer agents away from built-in Write/Edit/Bash tools.
- No JavaScript source reads credentials, harvests files, or performs network requests.
- The wrapper uses fixed scoped platform-package names and forwards CLI arguments without shell interpolation.
- The lifecycle hook warns on failure rather than retrying or hiding errors.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
bin.jsView on unpkg