AI Security Review
scanned 5d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Install-time lifecycle code silently installs AI-agent onboarding skills when local Claude or Codex homes exist. This mutates agent control surfaces before explicit user invocation, even though the skill content is mostly package-aligned.
Decision evidence
public snapshot- package.json postinstall runs scripts/setup-agent-skills.mjs automatically on install.
- scripts/setup-agent-skills.mjs detects existing CLAUDE_HOME/CODEX_HOME or ~/.claude/~/.codex and spawns .output/cli.js onboard.
- src/cli/onboard.ts writes generated skills/commands into ~/.claude/skills, ~/.claude/commands, and ~/.codex/skills.
- src/cli/templates/codex-skill-onboard.ts is an AI-agent skill that instructs Codex to edit ~/.codex/config.toml and connect MCP.
- src/cli/templates/skill-onboard.ts is an AI-agent skill/Claude command workflow that reads/wires provider and MCP config.
- Onboarding content is package-aligned for an agent observability tool.
- Templates contain cautions to avoid reading auth/token files and to ask before changing Codex config.
- Network endpoints are localhost MCP/proxy URLs except documentation/repository/schema URLs.
- No credential exfiltration, persistence daemon, destructive deletion, or remote payload fetch found in inspected files.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage ships high-entropy non-source blobs.
src/assets/agent-inspector.icoView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
src/cli/onboard.tsView on unpkg