AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Install-time lifecycle setup modifies a Pi Agent environment by installing extension dependencies and copying package-owned agent definitions. This is a guarded AI-agent extension lifecycle risk, but no concrete malicious exfiltration or remote payload execution was found.
Decision evidence
public snapshot- package.json defines postinstall: bash install.sh
- install.sh invokes pi install and fallback npm install for pi-codex-goal, pi-mcp-adapter, @tintinweb/pi-subagents
- install.sh fallback mutates ~/.pi/agent/settings.json packages list
- install.sh copies shipped agents/*.md into ~/.pi/agent/agents
- No credential harvesting or exfiltration code found in inspected files
- No remote shell download, eval payload, obfuscation, or destructive commands found
- README documents Pi Agent extension setup and API-key requirement
- Shipped agent/prompt markdown is security-workflow oriented, not reviewer/prompt hijacking
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkg