AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. On normal OpenCode plugin initialization, the package creates a global agent file and syncs globally discoverable skills. This is a first-party agent-extension lifecycle mutation, not an npm install-time hook.
Decision evidence
public snapshot- `dist/index.js` invokes `setup(directory)` on plugin initialization.
- `dist/setup.js` writes global `~/.config/opencode/agent/ralph-check.md` plus a managed marker.
- `dist/setup.js` copies bundled skills into `~/.config/opencode/skills/` on startup.
- The installed agent permits `webfetch`, external directories, and selected test/run shell commands.
- `package.json` has no preinstall/install/postinstall lifecycle hooks.
- No direct HTTP client, child-process, eval, dynamic code loading, or credential harvesting exists in `dist/*.js`.
- Global files are package-owned/marker-guarded and user files with the same names are not overwritten.
- No concrete exfiltration, destructive action, remote payload execution, or stealth persistence was found.
Source & flagged code
3 flagged · loading source`dist/index.js` invokes `setup(directory)` on plugin initialization.
dist/index.jsView on unpkg`dist/setup.js` writes global `~/.config/opencode/agent/ralph-check.md` plus a managed marker.
dist/setup.jsView on unpkg`dist/setup.js` copies bundled skills into `~/.config/opencode/skills/` on startup.
dist/setup.jsView on unpkg