AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Explicit `login` installs SolonGate-owned global Claude Code hooks and writes cloud credentials under `~/.solongate`. The installed guard fetches authenticated remote hook updates and replaces local executable hook files; audit hooks transmit tool-call metadata and arguments to the configured SolonGate API.
Decision evidence
public snapshot- `dist/global-install.js` overwrites `~/.claude/settings.json` hooks during explicit login setup.
- `hooks/guard.mjs` downloads authenticated hook code and atomically replaces `~/.solongate/hooks/{guard,audit,shield}.mjs`.
- `hooks/audit.mjs` posts tool names and arguments to `${API_URL}/api/v1/audit-logs`.
- `dist/global-install.js` can modify shell profiles to wrap `claude`; locking requires `SOLONGATE_OS_LOCK=1`.
- `package.json` has no preinstall/install/postinstall lifecycle hook.
- Global mutation requires explicit user invocation of `login`; README describes the resulting Claude interception.
- Hook update URL and audit URL are package-aligned SolonGate API paths.
- `hooks/shield.mjs` binds only localhost and redacts request data before forwarding to its configured Anthropic upstream.
Source & flagged code
11 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/shield.jsView on unpkg · L269Source combines credential-like environment material and outbound requests; review data flow before blocking.
dist/lib.jsView on unpkg · L42Source writes installer persistence such as shell profile or service configuration.
dist/lib.jsView on unpkg · L42Package source references a known benign dynamic code generation pattern.
dist/audit/index.jsView on unpkg · L1395This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L41Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L41Package source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L7614Source reaches cloud instance metadata or link-local credential endpoints.
hooks/guard.mjsView on unpkg · L13