AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. npm postinstall unconditionally writes package-supplied AI-agent instruction files into the user's home-level Claude skills directory. An environment variable expands this install-time mutation to other AI-agent control surfaces.
Decision evidence
public snapshot- package.json runs scripts/install.js in postinstall.
- scripts/install.js defaults to writing 13 skills under ~/.claude/skills.
- Lifecycle targets include ~/.codex, ~/.agents, ~/.cursor, and ~/.github.
- Installer copies package-controlled SKILL.md instructions into agent control directories.
- wowok-tools/SKILL.md is marked always: true and directs agent tool actions.
- No network, shell execution, dynamic code loading, or credential harvesting found.
- README.md documents the lifecycle behavior and explicit CLI alternatives.
- preuninstall removes only named wowok-* skill directories.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/install.jsView on unpkg · L4