AI Security Review
scanned 1h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/setup.js explicitly writes Codex hook registrations and copies hook code to ~/.nexusmind/hook-runtime.
- Configured hooks read Codex transcript data and send selected content to the NexusMind API.
- dist/hooks/stop.js can emit a Codex block decision to keep a turn active.
- Hooks default to nexusmind-backend.fly.dev when an API key is present.
- package.json has no preinstall, install, or postinstall hook.
- Setup is an explicit interactive command; Codex hooks require separate user approval.
- Child-process use is limited to codex registration/version checks and Windows setx.
- No eval, downloaded code execution, credential harvesting, or unrelated exfiltration found.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/hooks/_helpers.jsView on unpkg · L5A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/hooks/_helpers.jsView on unpkg · L5Source writes installer persistence such as shell profile or service configuration.
dist/setup.jsView on unpkg · L13This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/doctor.jsView on unpkg