AI Security Review
scanned 6d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious install-time attack surface. The package provides a Claude Code/MCP integration that can modify agent config, permissions, hooks, commands, agents, git hooks, and start a project-local daemon when the user invokes the CLI installer or runtime server.
Decision evidence
public snapshot- User-invoked installer writes Claude MCP config and permissions in lib/dist/installer/targets/claude.js
- Installer can add Claude hooks that run `specship sync --quiet` and optional `specship spec-nudge`
- Installer copies package slash commands and subagent files into Claude command/agent dirs
- Optional fallback installs git post-commit/post-merge/post-checkout hooks in lib/dist/sync/git-hooks.js
- MCP launcher can spawn a detached project-local daemon under `.specship/`
- Root package.json has no npm lifecycle scripts or install hooks
- Agent/Claude writes are reached via explicit `specship` CLI install/no-args flow, not package install time
- Default install is local; governance tier and statusline require explicit opt-in flags/prompts
- No credential harvesting or external exfiltration endpoints found in inspected installer paths
- Network hits seen are local CDP/MCP or product-aligned Claude design URLs, not covert exfiltration
Source & flagged code
8 flagged · loading sourcePackage source references child process execution.
lib/dist/health/smoke-check.jsView on unpkg · L56Package source references a known benign dynamic code generation pattern.
lib/dist/bin/specship.jsView on unpkg · L247Package source references dynamic require/import behavior.
lib/dist/ui/shimmer-worker.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/dist/designer/cdp-ensure.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
lib/dist/installer/index.jsView on unpkg · L125Package ships WebAssembly modules.
lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/dist/server/cli.jsView on unpkg