registry  /  @zigai/pi-ui-tweaks  /  0.4.0

@zigai/pi-ui-tweaks@0.4.0

Pi package for small configurable UI tweaks.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The package is a Pi extension that mutates Pi UI methods during extension runtime. It scaffolds only its own configuration and has an opt-in local render-trace writer. No concrete malicious chain or network exfiltration is established.

Static reason
No blocking static signals were detected.
Trigger
Pi loads the declared extension and starts a session; tracing additionally requires `PI_UI_TWEAKS_RENDER_TRACE=1`.
Impact
Changes Pi interface behavior and creates package-owned local configuration; optional trace output is local metadata.
Mechanism
first-party Pi extension runtime patching and config scaffolding
Rationale
Source inspection found package-aligned UI customization and limited first-party configuration writes, but no install hook, exfiltration, remote execution, destructive action, or foreign control-surface mutation. Downgrade to warn for the extension lifecycle/config mutation policy.
Evidence
package.jsonsrc/index.tssrc/settings.tssrc/render-trace.tssrc/model-selector-provider-badge.ts

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Benign with medium false-positive risk.
Evidence for warning
  • `src/index.ts` registers a Pi extension that patches Pi UI prototypes at runtime.
  • `src/settings.ts` creates and refreshes first-party Pi UI-tweaks config/schema files on session start.
  • `src/render-trace.ts` can write trace metadata when `PI_UI_TWEAKS_RENDER_TRACE=1` is explicitly set.
Evidence against
  • `package.json` has no npm lifecycle scripts or executable bin.
  • No network, child-process, eval, shell, credential harvesting, or exfiltration APIs found.
  • `src/model-selector-provider-badge.ts` dynamically imports a resolved Pi theme module only for UI badge styling.
  • Project config is read only when Pi reports the project trusted.
Behavioral surface
Source
DynamicRequireEnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 17 file(s), 121 KB of source

Source & flagged code

1 flagged · loading source
src/model-selector-provider-badge.tsView file
126const themePath = pathToFileURL(join(distDir, "modes/interactive/theme/theme.js")).href; L127: const themeModule: unknown = (await import(themePath)) as unknown; L128: const theme = getUnknownProperty(themeModule, "theme");
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/model-selector-provider-badge.tsView on unpkg · L126

Findings

2 Medium1 Low
MediumDynamic Requiresrc/model-selector-provider-badge.ts
MediumEnvironment Vars
LowFilesystem