AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/tools.js` maps Codex/Cursor handoffs to project `AGENTS.md`.
- `dist/cli.js` writes handoff files after explicit CLI commands.
- `dist/mcp.js` exposes `handoff`/`refresh` tools that write target agent files.
- `dist/discover.js` reads Claude Code, Codex, and Cursor session stores.
- `dist/cloud.js` uploads complete redacted session objects on explicit `sup push`.
- `dist/llm.js` sends redacted transcript prompts when user API keys are configured.
- `package.json` has no preinstall, install, postinstall, or prepare hook.
- Writes occur only through user-invoked CLI commands or MCP tool calls.
- `dist/redact.js` redacts recognized secrets before distillation and cloud upload.
- `dist/login-browser.js` binds OAuth callback only to `127.0.0.1` and validates state.
- No remote code loading, eval/vm use, destructive deletion, or stealth persistence found.
Source & flagged code
5 flagged · loading source`dist/tools.js` maps Codex/Cursor handoffs to project `AGENTS.md`.
dist/tools.jsView on unpkg`dist/cli.js` writes handoff files after explicit CLI commands.
dist/cli.jsView on unpkg`dist/mcp.js` exposes `handoff`/`refresh` tools that write target agent files.
dist/mcp.jsView on unpkg`dist/discover.js` reads Claude Code, Codex, and Cursor session stores.
dist/discover.jsView on unpkg`dist/cloud.js` uploads complete redacted session objects on explicit `sup push`.
dist/cloud.jsView on unpkg