AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/chunk-CDPG6CHJ.js` `runInit` wires MCP entries and Claude hooks.
- `wireProject` writes project and some detected agent configuration files.
- Claude hook commands invoke `aethereum hook ...` after explicit setup.
- Hosted sync sends room events with a configured bearer token to the configured API.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
- CLI dispatch calls `runInit` only for the explicit `aethereum init` command.
- Network defaults are package-aligned at `https://www.aethereum.dev`.
- No confirmed credential harvesting, remote-code loading, or destructive behavior found.
- The main library entrypoint only exports room/event APIs.
Source & flagged code
8 flagged · loading sourcePackage source references child process execution.
dist/chunk-CDPG6CHJ.jsView on unpkg · L27Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/chunk-CDPG6CHJ.jsView on unpkg · L27Source appears to send environment or credential material to an external endpoint.
dist/sdk-5FRGHEGL.jsView on unpkg · L4A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/sdk-5FRGHEGL.jsView on unpkg · L4Source writes installer persistence such as shell profile or service configuration.
dist/sdk-5FRGHEGL.jsView on unpkg · L4A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/index.jsView on unpkg · L104