AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Explicit `login`/global setup installs a Claude Code hook that can inspect tool inputs, enforce cloud policy, and transmit audit data. The hook also has a cloud-controlled self-update path guarded only by transport/API response hashing.
Decision evidence
public snapshot- `hooks/guard.mjs` fetches newer hook code from `https://api.solongate.com/api/v1/hooks/*` and replaces installed hook files.
- `dist/global-install.js` registers SolonGate hooks in `~/.claude/settings.json` and stores cloud configuration under `~/.solongate`.
- Guard/audit hooks read AI-tool arguments and post audit records to the configured SolonGate API when an API key is present.
- `dist/shield.js` proxies configured Anthropic traffic and launches the explicit command passed after `shield --`.
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle script.
- Project writes and package-manager calls occur only in explicit `create` or `inject` CLI commands.
- Hook behavior is first-party SolonGate policy/audit setup, not unconsented npm-install mutation.
Source & flagged code
11 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/shield.jsView on unpkg · L269Source combines credential-like environment material and outbound requests; review data flow before blocking.
dist/lib.jsView on unpkg · L42Source writes installer persistence such as shell profile or service configuration.
dist/lib.jsView on unpkg · L42Package source references a known benign dynamic code generation pattern.
dist/audit/index.jsView on unpkg · L1395Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L9368Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L41Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L41Package source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L10142Source reaches cloud instance metadata or link-local credential endpoints.
hooks/guard.mjsView on unpkg · L13