AI Security Review
scanned 2h ago · by lpm-firewall-aiNo unconsented install-time behavior is present. The package can install a repository pre-commit hook after an explicit user command, and can send audit warnings to a user-configured webhook.
Decision evidence
public snapshot- `dist/index.js` installs an executable `.git/hooks/pre-commit` only with `--install-hook`.
- `dist/commands/init.js` explicitly creates `.sofagent/config.yml` and installs the same Git hook.
- `hooks/pre-commit` runs `sofagent-audit` on future commits, creating user-approved local persistence.
- `dist/webhook.js` POSTs audit warnings only when a user supplies webhook platform and URL.
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- No hard-coded network endpoint, credential harvesting, remote payload loading, `eval`, or shell-string execution was found.
- Child-process calls use fixed local tools such as `git`, `npm --version`, `df`, and `bash --version`.
- Hook/config writes are scoped to the current repository and occur behind explicit CLI flags.
- Webhook content is audit-rule output and is sent only to a configured user-provided URL.
Source & flagged code
4 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
dist/rules/skill-safety-rules.jsView on unpkg · L36Package source invokes a package manager install command at runtime.
dist/verify/checks.jsView on unpkg · L300This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/doctor.jsView on unpkg