AI Security Review
scanned 3h ago · by lpm-firewall-ai
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot
- dist/index.js `bmem add` downloads manifest-listed files and writes them under BMEM_HOME skills cache.
- dist/index.js delegates registration to `npx --yes skills add <path>`.
- dist/index.js `bmem install` registers bundled skills/bmem with `--global --agent *`.
- skills/bmem/SKILL.md instructs agents to use bmem to add and run web skills.
- package.json has only `prepare: tsup`; no preinstall/install/postinstall lifecycle mutation.
- dist/index.js work is behind commander CLI commands, not import-time execution.
- dist/index.js network use is catalog API/search/show/add behavior aligned with README.
- dist/index.js parseSkillId rejects backslashes, dot and dotdot segments before constructing install paths.
- No credential harvesting, destructive behavior, eval/vm/Function, native binary loading, or hidden exfiltration found.
Source & flagged code
3 flagged
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.js · L43
Package source invokes a package manager install command at runtime.
dist/index.js · L98