AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installing the dependency invokes a postinstall script that changes AI-agent instruction files in the consumer project. It preferentially appends to `CLAUDE.md`, otherwise creates/appends `AGENTS.md`, directing agents to package-controlled instructions.
Decision evidence
public snapshot- `package.json` runs `node scripts/postinstall.mjs` automatically on install.
- `scripts/postinstall.mjs` targets consumer-root `CLAUDE.md` or `AGENTS.md`.
- It creates or appends a package-supplied agent-instruction block without consent.
- `INIT_CWD`/`cwd` selects the installing project and only checks for its `package.json`.
- No network, subprocess, eval, credential harvesting, or payload loading is present in inspected files.
- `dist/index.js` is a UI component bundle and contains no matching execution primitives.
- The lifecycle script is idempotent for its marker and suppresses errors.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/postinstall.mjsView on unpkg · L3Manifest entrypoint contains risky behavior absent from dist/build output.
scripts/postinstall.mjsView on unpkg · L25Source fingerprint signature matches a known malicious package signature; route for source-aware review.
scripts/postinstall.mjsView on unpkg