AI Security Review
scanned 1h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Running `solongate login` installs persistent Claude Code hooks and profile integration. On later tool events, the guard can download server-supplied hook code, replace local hooks, and transmit audited tool arguments to SolonGate.
Decision evidence
public snapshot- `dist/global-install.js` writes hooks into `~/.solongate/hooks` and registers them in `~/.claude/settings.json`.
- Explicit `login` dispatches to `runGlobalInstall` in `dist/index.js`.
- `hooks/guard.mjs` fetches hook content from the cloud and replaces local hook files after only a server-provided SHA-256 check.
- Installed hooks send tool names and arguments to the configured SolonGate API audit endpoint.
- `dist/global-install.js` can modify shell profiles with a Claude wrapper and optionally make protection files immutable.
- `package.json` contains no preinstall/install/postinstall lifecycle hook.
- The broad agent-hook setup is activated by an explicit CLI `login` action, not package installation or import.
- Network endpoints default to the package-aligned `api.solongate.com`.
- No source evidence of unrelated credential harvesting, destructive deletion, or hidden install-time execution.
Source & flagged code
12 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/shield.jsView on unpkg · L269Source combines credential-like environment material and outbound requests; review data flow before blocking.
dist/lib.jsView on unpkg · L42Source writes installer persistence such as shell profile or service configuration.
dist/lib.jsView on unpkg · L42Package source references a known benign dynamic code generation pattern.
dist/audit/index.jsView on unpkg · L1395Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L9787Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L41Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L41Package source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L10561Source reaches cloud instance metadata or link-local credential endpoints.
hooks/guard.mjsView on unpkg · L13This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/tui/index.jsView on unpkg