AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/cli.mjs` installs downloaded skill files into AI-agent skill directories.
- `dist/_chunks/agents.mjs` accepts registry-provided agent `skillsDir` and `globalSkillsDir` mappings.
- `dist/cli.mjs` can clone user-selected Git sources and run `gh`/`git` helpers.
- `package.json` has no `preinstall`, `install`, or `postinstall`; only `prepublishOnly`.
- `bin/bfi.mjs` only enables Node's compile cache and imports `dist/cli.mjs` when `bfi` is run.
- Registry/network access and agent-directory writes occur in explicit CLI workflows, not npm installation.
- No source evidence of credential harvesting, covert exfiltration, eval-based payload execution, or stealth persistence.
Source & flagged code
4 flagged · loading sourcePackage source references child process execution.
dist/_chunks/libs/simple-git.mjsView on unpkg · L6This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.mjsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli.mjsView on unpkg · L17Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.mjsView on unpkg · L17