AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. When Pi loads the extension and starts a session, it auto-registers Graphify tools and probes a locally resolved `graphify` executable. It can also add a static Graphify-use hint to the session prompt when a project graph is present.
Decision evidence
public snapshot- `package.json` declares a Pi extension that loads `extensions/index.ts`.
- `extensions/index.ts` initializes the coordinator on every Pi `session_start`.
- `src/backends/cli.ts` resolves `graphify` from PATH/home locations and runs probes via `execFile`.
- `extensions/index.ts` appends a package-supplied Graphify hint to the agent system prompt when a local graph exists.
- `package.json` has no preinstall, install, postinstall, or prepare hook.
- CLI calls use `execFile` with argument arrays; no eval, dynamic loading, or arbitrary shell command construction.
- No source network API, credential/environment harvesting, filesystem writes, or persistence mechanism was found.
- The prompt hint is static, Graphify-specific, and gated on `graphify-out/graph.json`.
Source & flagged code
4 flagged · loading source`package.json` declares a Pi extension that loads `extensions/index.ts`.
package.jsonView on unpkg`extensions/index.ts` initializes the coordinator on every Pi `session_start`.
extensions/index.tsView on unpkg`extensions/index.ts` appends a package-supplied Graphify hint to the agent system prompt when a local graph exists.
extensions/index.tsView on unpkg`src/backends/cli.ts` resolves `graphify` from PATH/home locations and runs probes via `execFile`.
src/backends/cli.tsView on unpkg