AI Security Review
scanned 10h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time execution or confirmed covert exfiltration is present. Explicit CLI initialization can create a project `.sofagent/config.yml` and replace a Git pre-commit hook; optional webhook delivery sends audit results to a user-configured endpoint.
Decision evidence
public snapshot- `dist/commands/init.js` writes `.git/hooks/pre-commit` when the user runs `--init`.
- `dist/index.js` exposes explicit `--install-hook` and webhook options.
- `dist/webhook.js` POSTs audit warning details to a user-supplied URL or `SOFAGENT_WEBHOOK_URL`.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
- `dist/webhook.js` sends only when the user enables a webhook and supplies/configures its URL.
- `dist/commands/init.js` runs only through explicit CLI initialization and writes project-local `.sofagent` plus Git hook paths.
- `dist/env-check.js` and `dist/commands/doctor.js` use commands for environment/health checks, not payload execution.
- `dist/rules/skill-safety-rules.js` contains detection regexes for `eval`/`Function`, not dynamic execution.
Source & flagged code
4 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
dist/rules/skill-safety-rules.jsView on unpkg · L36Package source invokes a package manager install command at runtime.
dist/verify/checks.jsView on unpkg · L300This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/doctor.jsView on unpkg