AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/listener.js` polls a configurable collab-mcp endpoint and forwards each non-heartbeat message into `wakeup()`.
- `src/wakeup.js` runs a hard-coded external `openclaw.mjs system event --mode now` command via `execFile`.
- `src/config-store.js` persists an API key and listener state outside the package directory.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- Network default is local `http://127.0.0.1:3010`; no fixed external host or data-exfiltration path appears.
- The config initializer and wakeup behavior require explicit CLI/library use; import of `src/index.js` alone has no side effect.
- No eval, shell interpolation, dynamic loading, destructive deletion, or stealth persistence was found.
Source & flagged code
3 flagged · loading source`src/listener.js` polls a configurable collab-mcp endpoint and forwards each non-heartbeat message into `wakeup()`.
src/listener.jsView on unpkg`src/wakeup.js` runs a hard-coded external `openclaw.mjs system event --mode now` command via `execFile`.
src/wakeup.jsView on unpkg`src/config-store.js` persists an API key and listener state outside the package directory.
src/config-store.jsView on unpkg