AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. An explicit `berserqir install` deploys a project-local agent harness and registers first-party hooks for Copilot, Claude Code, or Cursor. Those hooks can run local guard scripts and, at stop time, the project's configured verification commands. No install-time execution or confirmed data-exfiltration chain was found.
Decision evidence
public snapshot- Explicit `install` compiles and writes AI-agent hook configs into the selected project.
- Claude/Cursor adapters register hooks that execute vendored Node guard scripts on agent events.
- `session-verify` can run the target project's existing npm/npx typecheck or lint at agent-session stop.
- `update-check` detaches an `npm view berserqir version` refresh after installed hooks run.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- Writes require an explicit CLI install/update action and target project directory; modified files need consent unless `--force`.
- No credential exfiltration, remote payload download/execution, eval/vm use, or foreign/global agent-config paths found.
- Hook code is package-aligned safety, memory, and quality enforcement; scanner child-process signals map to these local functions.
Source & flagged code
3 flagged · loading sourcePackage source references child process execution.
core/hooks/session-verify/session-verify.mjsView on unpkg · L22Package source invokes a package manager install command at runtime.
bin/berserqir.jsView on unpkg · L4This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
adapters/copilot/hook-adapter.mjsView on unpkg