AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/index.js` `connect` opens an authenticated WebSocket and dispatches platform messages.
- `dist/webide-message-worker.js` sends received prompt/workdir/API-key fields to `@cursor/sdk` agents.
- `dist/index.js` runs `npm install -g ai-project-manage-cli@…` automatically before `connect` and daemon start.
- Explicit deploy commands execute Docker, Maven, SSH, and SFTP operations using project configuration.
- `package.json` has only `prepublishOnly`; published install has no preinstall/install/postinstall hook.
- No `eval`, `Function`, VM loading, downloaded-code execution, or foreign Cursor/Claude/Codex config paths were found.
- Network use, PM2 persistence, and project writes are attached to documented explicit CLI commands.
- Default server is local `127.0.0.1`; other platform endpoints require user configuration/login.
Source & flagged code
5 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L1955Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L9This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/webide-message-worker.jsView on unpkg