AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `lib/dist/bin/specship.js` registers explicit `install` and no-argument setup flows.
- `lib/dist/installer/targets/claude.js` writes MCP config, Claude hooks, commands, an agent file, and `CLAUDE.md` content.
- Installed hooks run `specship sync --quiet`, `specship spec-nudge`, and `specship steer-nudge` in Claude Code.
- `specship update` fetches release metadata and can invoke npm or a GitHub-hosted shell installer.
- Root `package.json` has no lifecycle scripts, so npm installation does not trigger setup.
- Agent-control changes are reached only through explicit CLI use; interactive setup prompts for scope and permissions.
- The installer targets its own `specship` entries and preserves unrelated configuration.
- Optional JIRA and Designer integrations are off by default; no source evidence of credential harvesting or covert exfiltration.
- The dynamic worker import is a normal static `worker_threads`/`fs` UI worker; WASM and font blobs are package assets.
Source & flagged code
9 flagged · loading sourcePackage source references child process execution.
lib/dist/update/run-installer.jsView on unpkg · L12Package source references a known benign dynamic code generation pattern.
lib/dist/bin/specship.jsView on unpkg · L250Package source references dynamic require/import behavior.
lib/dist/ui/shimmer-worker.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/dist/designer/cdp-ensure.jsView on unpkg · L9This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/dist/installer/index.jsView on unpkgPackage source invokes a package manager install command at runtime.
lib/dist/installer/index.jsView on unpkg · L128Package ships WebAssembly modules.
lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkgPackage ships high-entropy non-source blobs.
lib/dist/ui/assets/geist-mono-vietnamese-wght-normal-D8KDMBhC.woff2View on unpkg