AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time execution is present. Explicit setup/install commands modify first-party Cortex editor integrations and add capture hooks; those hooks can send redacted session-derived data to Cortex. An exposed iMessage tool is guarded but remains a sensitive capability.
Decision evidence
public snapshot- `lib/setup.mjs` explicitly writes Claude and detected Codex MCP/hook configuration.
- `lib/capture.mjs` reads Stop-hook transcript input and POSTs derived data; raw transcript is fallback when local extraction is unavailable.
- `lib/imessage_send.mjs` can invoke `osascript` to send iMessage after explicit `send:true` and recipient gating.
- `lib/install.mjs` wires supported editors and writes `~/.cortex/editors.json` on an explicit CLI command.
- `package.json` has no preinstall, install, or postinstall lifecycle scripts.
- `bin/cortex-mcp.mjs` activates setup/install/uninstall/capture only through explicit subcommands.
- `lib/capture.mjs` redacts transcript secrets before constructing the ingest request.
- `lib/imessage_send.mjs` defaults to draft mode and blocks non-allowlisted sends without an out-of-band secret.
- Network use is Cortex-aligned: default base is `https://cortex-console.vercel.app` in `lib/diagnose.mjs`.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/capture.mjsView on unpkgPackage source references weak cryptographic algorithms.
lib/capture.mjsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
lib/uninstall.mjsView on unpkg · L3