AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Confirmed install-time mutation of a foreign AI/OAuth dependency page. The changed page is used during provider sign-in flows and is altered without explicit user consent.
Decision evidence
public snapshot- package.json defines postinstall: node scripts/brand-oauth-page.mjs
- scripts/brand-oauth-page.mjs resolves @earendil-works/pi-ai/oauth then writes utils/oauth/oauth-page.js inside that dependency
- Postinstall changes OAuth callback branding for Claude Pro/Max, ChatGPT, and GitHub Copilot sign-in without user action
- The hook inlines shipped logo/favicon assets into the foreign SDK page and replaces title/favicon/logo
- No credential harvesting or exfiltration found in the postinstall script
- No outbound network calls in scripts/brand-oauth-page.mjs
- dist/entry.js and brigade.mjs are CLI dispatch shims, not import-time exfiltration
- dist/agents/extensions/install.js installs user-requested extensions and surfaces scan findings rather than auto-running them
- dist/security/injection-patterns.js is a defensive scanner; unicode range is in a regex, not hidden control flow
Source & flagged code
26 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
dist/ui/onboarding.jsView on unpkg · L14Source writes installer persistence such as shell profile or service configuration.
dist/core/daemon/systemd.jsView on unpkg · L8Package source references a known benign dynamic code generation pattern.
dist/agents/org/pride-image.jsView on unpkg · L90Package source references dynamic require/import behavior.
brigade.mjsView on unpkg · L54Package source references weak cryptographic algorithms.
dist/agents/tool-loop-detector.jsView on unpkg · L1A single source file combines environment access, network access, and code or shell execution; review context before blocking.
scripts/convex-dev.mjsView on unpkg · L16Source reaches cloud instance metadata or link-local credential endpoints.
dist/infra/net/fetch-guard.jsView on unpkg · L4Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/security/injection-patterns.jsView on unpkg · L58Package source invokes a package manager install command at runtime.
scripts/convex-push.mjsView on unpkg · L75Package ships non-JavaScript build or shell helper files.
skills/video-frames/scripts/frame.shView on unpkgPackage ships high-entropy non-source blobs.
scripts/assets/brigade-favicon.icoView on unpkgPackage contains source files above the static scanner size ceiling.
dist/ui/brand-frames-cli.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/ui/brand-frames-cli.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/agents/extensions/install-scan.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/agents/extensions/install.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/core/daemon/launchd.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/core/daemon/schtasks.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/core/tunnel/providers/bore.jsView on unpkgHardcoded password in dist/agents/channels/bluebubbles/account-config.d.ts
dist/agents/channels/bluebubbles/account-config.d.tsView on unpkg · L28Hardcoded password in dist/agents/channels/bluebubbles/account-config.d.ts
dist/agents/channels/bluebubbles/account-config.d.tsView on unpkg · L34Hardcoded password in dist/agents/channels/bluebubbles/account-config.d.ts
dist/agents/channels/bluebubbles/account-config.d.tsView on unpkg · L35Hardcoded password in dist/agents/channels/bluebubbles/account-config.js
dist/agents/channels/bluebubbles/account-config.jsView on unpkg · L28Hardcoded password in dist/agents/channels/bluebubbles/account-config.js
dist/agents/channels/bluebubbles/account-config.jsView on unpkg · L34Hardcoded password in dist/agents/channels/bluebubbles/account-config.js
dist/agents/channels/bluebubbles/account-config.jsView on unpkg · L35