AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Static reason
No blocking static signals were detected.
Trigger
User runs `theokit-init-claude`.
Impact
Can change how Claude Code operates in that project after explicit user invocation.
Mechanism
Copies bundled agent templates into project-local `.claude/` plus optional root instruction files.
Rationale
The package is not malicious by the inspected source, but its explicit CLI mutates an AI-agent control surface. Per policy, this warrants a warning rather than a block.
Evidence
package.jsonbin/init-claude.mjsbin/theokit-migrate-config.mjsbin/theokit-migrate-memory.mjs.claude/AGENTS.mdCLAUDE.mdclaude-template/
Decision evidence
public snapshotAI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `bin/init-claude.mjs` copies package templates into the invoking project’s `.claude/` directory and may add `AGENTS.md` and `CLAUDE.md`.
- The mutation occurs when the user explicitly runs `theokit-init-claude`; it is an AI-agent control-surface setup command.
Evidence against
- `package.json` has no `preinstall`, `install`, `postinstall`, `prepare`, or uninstall lifecycle hook.
- `bin/theokit-migrate-config.mjs` defaults to dry-run and writes only with `--apply`.
- `bin/theokit-migrate-memory.mjs` prompts before deleting the old SQLite database.
- No inspected CLI code performs network requests, credential harvesting, shell execution, or remote payload loading.
Behavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsTelemetryUrlStrings
Source & flagged code
1 flagged · loading sourcedist/project.cjsView file
2L3: var promises = require('fs/promises');
L4: var path = require('path');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/project.cjsView on unpkg · L2Findings
3 Medium5 Low
MediumDynamic Requiredist/project.cjs
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings