AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time attack is present. An explicit `solongate login` installs Claude Code hooks, optional shell shims, and cloud-audit behavior; those hooks can transmit tool-call metadata and argument summaries to the configured SolonGate API.
Decision evidence
public snapshot- `login` explicitly installs global Claude hooks and shell shims.
- Hooks send tool names and argument summaries to SolonGate audit API.
- Optional `SOLONGATE_OS_LOCK=1` makes hook/config files immutable.
- `package.json` has no preinstall, install, or postinstall hook.
- CLI dispatch runs installation only for explicit `login`; `logout` restores.
- Observed endpoints are package-aligned SolonGate audit/policy APIs and Anthropic proxy upstream.
- No remote code download/eval or stealth import-time execution found.
Source & flagged code
14 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist/tui/index.jsView on unpkg · L2290A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/shield.jsView on unpkg · L281Package source references a known benign dynamic code generation pattern.
dist/audit/index.jsView on unpkg · L1395Source combines credential-like environment material and outbound requests; review data flow before blocking.
dist/lib.jsView on unpkg · L42Source writes installer persistence such as shell profile or service configuration.
dist/lib.jsView on unpkg · L42Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L11605Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L41Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L41Package source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L12393Source reaches cloud instance metadata or link-local credential endpoints.
hooks/guard.mjsView on unpkg · L13