AI Security Review
scanned 2d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- bin/berserqir.js explicit install/update command compiles and writes agent harness files into target repo.
- adapters/claude-code/compile.mjs writes .claude/settings.json hooks invoking .berserqir/hooks/claude-adapter.mjs.
- adapters/cursor/compile.mjs writes .cursor/hooks.json; adapters/copilot/compile.mjs writes .github/hooks/berserqir.json.
- core/hooks/update-check/update-check.mjs can run npm view berserqir version as a detached update check from installed hooks.
- package.json has no preinstall/install/postinstall lifecycle scripts; install mutation is user-invoked via bin.
- bin/berserqir.js plans conflicts, prompts unless --yes/non-TTY, supports --dry-run, and preserves modified files unless --force.
- Hook behavior is package-aligned guardrails: git-safety, config-protection, memory validation, journaling, and update nudges.
- No credential harvesting, arbitrary remote payload download, eval/vm/Function, or non-package exfiltration endpoints found.
Source & flagged code
4 flagged · loading sourcebin/berserqir.js explicit install/update command compiles and writes agent harness files into target repo.
bin/berserqir.jsView on unpkgadapters/claude-code/compile.mjs writes .claude/settings.json hooks invoking .berserqir/hooks/claude-adapter.mjs.
adapters/claude-code/compile.mjsView on unpkgadapters/cursor/compile.mjs writes .cursor/hooks.json; adapters/copilot/compile.mjs writes .github/hooks/berserqir.json.
adapters/cursor/compile.mjsView on unpkgcore/hooks/update-check/update-check.mjs can run npm view berserqir version as a detached update check from installed hooks.
core/hooks/update-check/update-check.mjsView on unpkg