AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Static reason
No blocking static signals were detected.
Trigger
User runs `npx @synergy-design-system/metadata install-skills --path <directory>`.
Impact
Adds package-owned Copilot skill files beneath the selected output path.
Mechanism
Explicit local AI-skill documentation bundle generation.
Rationale
Not malicious by source inspection, but the explicit command installs AI-consumed skill files into a project path. Per firewall policy, this is a warn-level agent capability rather than a publish-blocking compromise.
Evidence
package.jsondist/bin/install-skills.jsdist/public/skill-bundle.jsdist/public/store.jsdata/layers/full/assets/sick2025/js/outline.ts
Decision evidence
public snapshotAI called this Suspicious at 90.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `dist/bin/install-skills.js` runs only when the user invokes the `install-skills` bin.
- `dist/public/skill-bundle.js` creates `.github/skills`-style AI skill bundles with `mkdir`/`writeFile`.
- Generated `SKILL.md` files instruct Copilot to use Synergy component/template guidance.
Evidence against
- `package.json` contains no npm lifecycle hooks.
- No network APIs, child-process APIs, eval/vm, dynamic loading, or environment harvesting found in shipped JS.
- The CLI requires an explicit `--path` and writes documentation derived from packaged metadata.
- `data/layers/full/assets/sick2025/js/outline.ts` is a static SVG icon map; the size alert is non-executable data.
- Generated skill text contains component/template documentation and no credential, exfiltration, shell, or prompt-override directives.
Behavioral surface
FilesystemNetwork
HighEntropyStringsMinifiedTelemetryUrlStrings
Oversized source lightweight scan
data/layers/full/assets/sick2025/js/outline.ts2.17 MB file, sampled 256 KB
MinifiedUrlStringswww.w3.org
Source & flagged code
1 flagged · loading sourcedata/layers/full/assets/sick2025/js/outline.tsView file
•path = [redacted].ts
kind = oversized_source_file
sizeBytes = 2274600
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
data/layers/full/assets/sick2025/js/outline.tsView on unpkgFindings
1 High2 Medium5 Low
HighOversized Source Filedata/layers/full/assets/sick2025/js/outline.ts
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings