AI Security Review
scanned 3d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious install-time attack surface. The package is a self-contained Windows CLI bundle with user-invoked Claude/MCP integration that writes package-owned config and commands.
Decision evidence
public snapshot- lib/dist/installer/targets/claude.js can write Claude MCP config, settings hooks, permissions, slash commands, and a subagent when user runs installer
- lib/dist/installer/index.js may run `npm install -g @specship/specship` from the interactive installer
- lib/dist/sync/git-hooks.js can install marked git hooks that run `specship sync` after git actions when user accepts fallback
- package.json has no npm lifecycle scripts, so install does not automatically mutate user/project agent config
- bin/specship.cmd only launches bundled node.exe with lib/dist/bin/specship.js when user invokes the CLI
- Claude config writes are tied to explicit `specship install` flow, with local default and prompts unless `--yes` is passed
- Uninstall paths remove only marked/specship-owned entries from Claude config and hooks
- No credential harvesting or exfiltration behavior confirmed in inspected entrypoints
- Network references observed are product-aligned local/Claude design functionality, not covert endpoints
Source & flagged code
10 flagged · loading sourcePackage source references child process execution.
lib/dist/health/smoke-check.jsView on unpkg · L56This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/dist/bin/specship.jsView on unpkgPackage source references a known benign dynamic code generation pattern.
lib/dist/bin/specship.jsView on unpkg · L295Package source references dynamic require/import behavior.
lib/dist/ui/shimmer-worker.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/dist/designer/cdp-ensure.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
lib/dist/installer/index.jsView on unpkg · L125Package ships WebAssembly modules.
lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
bin/specship.cmdView on unpkgPackage contains source files above the static scanner size ceiling.
lib/dist/web/chunk-JTFXTIPE.jsView on unpkg