AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/cli.js` `init` registers persistent Claude hooks and MCP servers for detected AI agents.
- `dist/hooks/on-prompt.js` saves submitted prompts to the local Alexandria vault and injects retrieved vault context.
- `dist/hooks/on-stop.js` reads Claude transcript files and persists session summaries locally.
- `dist/cli.js` runs `npx skills add` only through the explicit `skills` flow or `init --skills`.
- `package.json` has no npm install/preinstall/postinstall lifecycle hook; `prepublishOnly` only builds.
- Agent configuration writes occur after the user runs `ale init`, `ale agents`, or `ale doctor`.
- Observed process execution uses fixed commands/arguments; no remote payload download or arbitrary startup execution was found.
- No source evidence of credential harvesting, secret-value collection, or data exfiltration was found.
Source & flagged code
3 flagged · loading sourcePackage source references child process execution.
dist/chunk-DHXL36RG.jsView on unpkg · L63This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/cli.jsView on unpkg · L171