AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time attack behavior is established. An explicit `agb bootstrap` mutates the user's Antigravity skill/plugin surface by installing package-aligned skills and an ADLC plugin.
Decision evidence
public snapshot- `bin/agb.mjs` exposes explicit `bootstrap`/`install` commands.
- `lib/bootstrap.mjs` copies or symlinks package skills into `~/.gemini/skills`.
- `lib/bootstrap.mjs` invokes `agy plugin install` for the aligned `@adlc/antigravity` plugin.
- `skills/release/SKILL.md` instructs an agent to run release, git, GitHub, and npm-publish workflow commands when invoked.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- Bootstrap is reachable only through an explicit CLI command, not package installation or import.
- No source uses direct HTTP clients, `fetch`, credential harvesting, or outbound exfiltration.
- `lib/agy.mjs` launches the user-selected `agy` CLI and stores transcripts owner-only when logging.
- No hidden executable payloads or native binaries were present in the inspected package files.
Source & flagged code
4 flagged · loading source`bin/agb.mjs` exposes explicit `bootstrap`/`install` commands.
bin/agb.mjsView on unpkg`lib/bootstrap.mjs` copies or symlinks package skills into `~/.gemini/skills`.
lib/bootstrap.mjsView on unpkg`lib/bootstrap.mjs` invokes `agy plugin install` for the aligned `@adlc/antigravity` plugin.
lib/bootstrap.mjsView on unpkg`skills/release/SKILL.md` instructs an agent to run release, git, GitHub, and npm-publish workflow commands when invoked.
skills/release/SKILL.mdView on unpkg