AI Security Review
scanned 6d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No unconsented npm install-time attack surface was confirmed. The package contains a user-invoked Claude Code integration installer that can register SpecShip MCP tools, permissions, hooks, commands, and an agent file.
Decision evidence
public snapshot- lib/dist/installer/index.js user-invoked installer can write Claude Code MCP config and permissions
- lib/dist/installer/targets/claude.js writes .mcp.json or ~/.claude.json plus .claude/settings.json
- lib/dist/installer/targets/claude.js can install Claude hooks and package slash-command/subagent files
- lib/dist/installer/index.js --yes defaults autoAllow=true for SpecShip MCP tools
- lib/dist/installer/index.js can run npm install -g @specship/specship when user accepts CLI install
- package.json has no npm lifecycle scripts, bin, main, or module entrypoint
- bin/specship only execs bundled node with lib/dist/bin/specship.js and argv
- Claude config mutation is reached through specship install/CLI options, not package install-time execution
- Default install location is local; global scope is prompted or explicitly requested
- MCP command is package-aligned: specship serve --mcp
- No credential harvesting or exfiltration endpoint found in inspected installer/CLI paths
Source & flagged code
8 flagged · loading sourcePackage source references child process execution.
lib/dist/health/smoke-check.jsView on unpkg · L56Package source references a known benign dynamic code generation pattern.
lib/dist/bin/specship.jsView on unpkg · L247Package source references dynamic require/import behavior.
lib/dist/ui/shimmer-worker.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/dist/designer/cdp-ensure.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
lib/dist/installer/index.jsView on unpkg · L125Package ships WebAssembly modules.
lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/dist/server/cli.jsView on unpkg