AI Security Review
scanned 8h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/src/connection.js` accepts the `openclawApplySyncMapping` WebSocket command.
- `dist/src/apply-sync-mapping.js` accepts `host_absolute` local roots and forwards resolved paths to a sync-service API.
- The remote command can PUT or DELETE mappings once `syncServiceBaseUrl` is configured.
- `dist/src/sync-service-client.js` performs the mapping API requests without an additional local confirmation.
- `package.json` has no preinstall, install, or postinstall hook; `prepublishOnly` only builds.
- `dist/index.js` registers an OpenClaw channel and optional IM tools, matching the declared plugin purpose.
- No shell execution, eval/vm, dynamic code loading, binaries, or package-local persistence was found.
- File reads for the send-file tool are constrained to the current agent workspace in `dist/src/send-file-tool.js`.
Source & flagged code
3 flagged · loading source`dist/src/connection.js` accepts the `openclawApplySyncMapping` WebSocket command.
dist/src/connection.jsView on unpkg`dist/src/apply-sync-mapping.js` accepts `host_absolute` local roots and forwards resolved paths to a sync-service API.
dist/src/apply-sync-mapping.jsView on unpkg`dist/src/sync-service-client.js` performs the mapping API requests without an additional local confirmation.
dist/src/sync-service-client.jsView on unpkg