AI Security Review
scanned 5h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Explicit setup installs ATTRIBUT-owned hooks into supported AI-agent configuration files and an optional hourly heartbeat timer. Invoked hooks read local session metadata, create local identifiers/state, and POST authenticated telemetry. No npm lifecycle-time mutation occurs.
Decision evidence
public snapshot- `src/install.cjs` explicitly installs hooks for Claude, Codex, Cursor, and Antigravity.
- `src/timer.cjs` creates an hourly launchd/systemd/Task Scheduler heartbeat job after explicit connection.
- `src/collector.cjs` reads local AI-agent session artifacts and posts telemetry with a bearer token.
- `src/update.cjs` supports heartbeat-directed npm global self-updates when enabled.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- Hook and timer setup require explicit `attribut install` or `attribut connect` commands.
- `src/install.cjs` scopes mutations to package-owned hook entries and backs up configs.
- `src/collector.cjs` defaults to `https://ingest.attribut.ai` and rejects non-HTTPS unless a testing override is set.
- `src/contract/envelope.schema.json` constrains transmitted telemetry to bounded metadata rather than arbitrary files/content.
- No eval, VM execution, remote payload loading, or hidden import-time execution was found.
Source & flagged code
4 flagged · loading sourceSource writes installer persistence such as shell profile or service configuration.
src/timer.cjsView on unpkg · L15This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/update.cjsView on unpkgPackage source invokes a package manager install command at runtime.
src/update.cjsView on unpkg · L21