AI Security Review
scanned 4d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package mutates AI-agent control surfaces during npm install by installing onboarding skills into Codex/Claude homes. This is not merely a user-invoked CLI action because package.json postinstall invokes it automatically.
Decision evidence
public snapshot- package.json runs postinstall: scripts/setup-windows-runtime.mjs && scripts/setup-agent-skills.mjs.
- scripts/setup-agent-skills.mjs auto-runs .output/cli.js onboard --codex-only when ~/.codex exists.
- src/cli/onboard.ts writes ~/.codex/skills/agent-inspector-onboard/SKILL.md via writeFileSync.
- src/cli/onboard.ts also writes Claude skill/command files under selected skill dirs.
- Lifecycle-triggered AI-agent skill/config-surface mutation is automatic unless opt-out env vars are set.
- Generated Codex skill is package-aligned onboarding for local Agent Inspector MCP, not credential exfiltration.
- Codex skill text explicitly says not to read auth/token files and to ask before editing config.toml.
- Network URLs are expected provider/proxy endpoints for an AI traffic inspector.
- ProviderForm.tsx only contains UI presets/model metadata handling; no attack behavior found.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage ships high-entropy non-source blobs.
src/assets/agent-inspector.icoView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
src/components/providers/ProviderForm.tsxView on unpkg