AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `scripts/upgrade.ts` runs only via explicit `npm run upgrade` and merges `.claude` assets into the target project.
- `.claude/settings.json` registers a PostToolUse command hook.
- `.claude/hooks/contract-loop-gate.ts` spawns project `npm run` build/dependency commands after qualifying edits.
- Root `prepare` runs `husky`, installing a VCS pre-commit hook.
- No `preinstall`, `install`, or `postinstall` lifecycle hook is present.
- Upgrade fetches only npm registry metadata/tarball and uses fixed framework-owned copy lists.
- The Claude hook reads edit input, writes only a temp state file, and has no network calls.
- `new Function` is a CEL expression utility; CLI network access is an explicit update check.
- The bidi characters are in an imported identifier, not control-flow-obscuring code.
- No credential harvesting or non-package-aligned exfiltration was found in inspected paths.
Source & flagged code
10 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
vona/packages-utils/utils/src/celjs/utils.tsView on unpkg · L20Package source references dynamic require/import behavior.
vona/packages-cli/cabloy-cli/src/utils.tsView on unpkg · L22Package source references weak cryptographic algorithms.
vona/src/suite-vendor/a-file/modules/file-native/src/service/fileNative.tsView on unpkg · L71Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
vona/src/suite-vendor/a-vona/modules/a-orm/src/main.tsView on unpkg · L4Package ships non-JavaScript build or shell helper files.
vona/scripts/app-init.shView on unpkgHardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui.jsView on unpkg · L1Hardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle-core.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle-core.jsView on unpkg · L2Hardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-bundle.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-bundle.jsView on unpkg · L2Hardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle.jsView on unpkg · L2