AI Security Review
scanned 1h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/seed-claude-config.cjs` writes trust/onboarding fields to the `CLAUDE_CONFIG` path.
- The helper adds `/data/.claude/projects` as a trusted Claude project and approves an API-key suffix.
- `dist/index.cjs` spawns Codex/Claude PTY sessions with `acceptEdits` as the default permission mode.
- `package.json` does not invoke the Claude config helper from `preinstall`, `prepare`, or `postinstall`.
- Install-time `postinstall` only chmods node-pty's packaged `spawn-helper`; `preinstall` targets an absent unpacked script.
- The config seeder requires direct execution plus caller-supplied `CLAUDE_CONFIG`; no CLI/library reference reaches it.
- No source evidence of credential exfiltration, hidden remote payload execution, or destructive install behavior.
Source & flagged code
8 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.cjsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.cjsView on unpkg · L106Package contains source files above the static scanner size ceiling.
dist/cli.cjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.cjsView on unpkg