AI Security Review
scanned 6d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No unconsented npm lifecycle attack surface was confirmed. The package is an explicit Claude Code/SpecShip integration that can add MCP config, permissions, hooks, commands, a subagent, and optional git hooks when the user runs its installer.
Decision evidence
public snapshot- `lib/dist/installer/targets/claude.js` writes Claude MCP config, permissions, hooks, slash commands, and a subagent on `specship install`.
- `lib/dist/installer/targets/shared.js` auto-allows multiple `mcp__specship__*` tools when permissions are enabled.
- `lib/dist/sync/git-hooks.js` can install git post-commit/post-merge/post-checkout hooks that run `specship sync`.
- `lib/dist/installer/index.js` may run `npm install -g @specship/specship`, but only after interactive confirmation.
- `package.json` has no npm lifecycle scripts, so install-time execution is not established.
- Agent config writes are reached through explicit `specship install`, with local default and prompts unless `--yes` is supplied.
- MCP command is package-aligned: `specship serve --mcp`, not a remote or foreign payload.
- No credential harvesting or exfiltration endpoint was found in inspected entrypoints.
- Native `node` binary is a bundled darwin-arm64 runtime launched by `bin/specship` to run the package CLI.
Source & flagged code
8 flagged · loading sourcePackage source references child process execution.
lib/dist/health/smoke-check.jsView on unpkg · L56Package source references a known benign dynamic code generation pattern.
lib/dist/bin/specship.jsView on unpkg · L247Package source references dynamic require/import behavior.
lib/dist/ui/shimmer-worker.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/dist/designer/cdp-ensure.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
lib/dist/installer/index.jsView on unpkg · L125Package ships WebAssembly modules.
lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/dist/server/cli.jsView on unpkg