AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/seed-claude-config.cjs can modify a Claude config path supplied through CLAUDE_CONFIG.
- That script marks /data/.claude/projects trusted and records a custom API-key approval suffix.
- dist/cli.cjs provides explicit update/install and service lifecycle capabilities.
- package.json postinstall only attempts chmod on node-pty's platform helper; it does not alter agent settings.
- package.json preinstall references scripts/check-native-abi.mjs, which is absent from the shipped package.
- seed-claude-config.cjs runs only behind a require.main guard; it is not an install or import hook.
- The PTY launcher invokes the Claude executable with acceptEdits, not a skip-permissions mode.
- Updater networking is explicit CLI update behavior and targets GitHub Releases with manifest/download handling.
Source & flagged code
7 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.cjsView on unpkg · L106Package contains source files above the static scanner size ceiling.
dist/cli.cjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.cjsView on unpkg