AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installation mutates a consumer project's AI-agent instruction surface. The package appends a package-authored pointer to an existing root instruction file or creates one.
Decision evidence
public snapshot- `package.json` defines `postinstall`.
- `scripts/postinstall.mjs` runs when installed under a consumer `node_modules`.
- It derives the consumer root from `INIT_CWD` or `cwd`.
- It creates or appends the consumer-root `CLAUDE.md` or `AGENTS.md`.
- The injected block directs AI agents to package-controlled instructions.
- Writes are automatic, persistent, and silently suppress errors.
- `dist/index.js` is a React design-system bundle with no discovered filesystem, shell, eval, or network APIs.
- No network endpoint, credential harvesting, or payload download was found.
- The `prepare` hook only invokes `simple-git-hooks` in the package development workflow.
- The font artifact is consistent with the self-hosted design-system asset referenced by CSS/docs.
Source & flagged code
6 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/postinstall.mjsView on unpkg · L3Manifest entrypoint contains risky behavior absent from dist/build output.
scripts/postinstall.mjsView on unpkg · L25Source fingerprint signature matches a known malicious package signature; route for source-aware review.
scripts/postinstall.mjsView on unpkgPackage ships high-entropy non-source blobs.
dist/fonts/Struve-Medium.woff2View on unpkg