AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/onboarding/harness-cli.js` writes Cursor, Claude, Codex, or OpenCode MCP configuration.
- `clawql codex|cursor|claude|opencode` explicitly prepares config then launches the selected local agent.
- `dist/onboarding/mcp-config-write.js` merges a ClawQL MCP server and creates a timestamped backup.
- `dist/onboarding/init.js` can invoke `npx tsx` for a Vault push only with `--push-vault` or an interactive confirmation and `VAULT_TOKEN`.
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle hook.
- Bin entrypoints only import packaged server or onboarding CLI modules.
- Agent-config writes occur only through explicit CLI commands; no import-time config mutation was found.
- No obfuscation, credential harvesting, covert exfiltration, or remote payload execution was found in inspected onboarding and entrypoint code.
Source & flagged code
20 flagged · loading sourcePackage contains a critical-looking secret pattern.
providers/aws/apis/rds-2014-10-31/openapi.yamlView on unpkg · L22201AWS access key ID in providers/aws/apis/rds-2014-10-31/openapi.yaml
providers/aws/apis/rds-2014-10-31/openapi.yamlView on unpkg · L22201AWS access key ID in providers/aws/apis/rds-2014-10-31/openapi.yaml
providers/aws/apis/rds-2014-10-31/openapi.yamlView on unpkg · L32930Package source references child process execution.
dist/onboarding/harness-cli.jsView on unpkg · L5Package source references dynamic require/import behavior.
bin/clawql-mcp-http.mjsView on unpkg · L8A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/onboarding/hashicorp-vault.jsView on unpkg · L3Package source invokes a package manager install command at runtime.
dist/onboarding/init.jsView on unpkg · L89This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/onboarding/doctor.jsView on unpkgAWS access key ID in providers/aws/apis/iam-2010-05-08/openapi.yaml
providers/aws/apis/iam-2010-05-08/openapi.yamlView on unpkg · L19732AWS access key ID in providers/aws/apis/iam-2010-05-08/openapi.yaml
providers/aws/apis/iam-2010-05-08/openapi.yamlView on unpkg · L19859AWS access key ID in providers/aws/apis/iam-2010-05-08/openapi.yaml
providers/aws/apis/iam-2010-05-08/openapi.yamlView on unpkg · L19901AWS access key ID in providers/aws/apis/iam-2010-05-08/openapi.yaml
providers/aws/apis/iam-2010-05-08/openapi.yamlView on unpkg · L20495AWS access key ID in providers/aws/apis/iam-2010-05-08/openapi.yaml
providers/aws/apis/iam-2010-05-08/openapi.yamlView on unpkg · L20529AWS access key ID in providers/aws/apis/iam-2010-05-08/openapi.yaml
providers/aws/apis/iam-2010-05-08/openapi.yamlView on unpkg · L20533AWS access key ID in providers/aws/apis/sts-2011-06-15/openapi.yaml
providers/aws/apis/sts-2011-06-15/openapi.yamlView on unpkg · L777AWS access key ID in providers/aws/apis/sts-2011-06-15/openapi.yaml
providers/aws/apis/sts-2011-06-15/openapi.yamlView on unpkg · L820AWS access key ID in providers/aws/apis/sts-2011-06-15/openapi.yaml
providers/aws/apis/sts-2011-06-15/openapi.yamlView on unpkg · L1222AWS access key ID in providers/aws/apis/sts-2011-06-15/openapi.yaml
providers/aws/apis/sts-2011-06-15/openapi.yamlView on unpkg · L1342AWS access key ID in providers/aws/apis/sts-2011-06-15/openapi.yaml
providers/aws/apis/sts-2011-06-15/openapi.yamlView on unpkg · L1422AWS access key ID in providers/aws/apis/sts-2011-06-15/openapi.yaml
providers/aws/apis/sts-2011-06-15/openapi.yamlView on unpkg · L1448