AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/seed-claude-config.cjs writes a Claude config selected by CLAUDE_CONFIG.
- That helper marks /data/.claude/projects trusted and accepts onboarding/trust dialogs.
- It can record approval for a supplied CLAUDE_API_KEY suffix.
- dist/cli.cjs contains explicit self-update and service-management commands.
- package.json install hooks only check ABI, apply patches, and chmod node-pty's local helper.
- seed-claude-config.cjs runs only when invoked as its own Node entrypoint; it is not a bin or lifecycle hook.
- No source path showed install-time network access, payload execution, credential exfiltration, or foreign AI-agent mutation.
- Runtime PTY spawning and localhost API/WebSocket behavior match the package's stated streamer purpose.
Source & flagged code
7 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.cjsView on unpkg · L106Package contains source files above the static scanner size ceiling.
dist/cli.cjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.cjsView on unpkg