AI Security Review
scanned 6h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `index.js` copies the complete bundled template into a user-selected project directory.
- Bundled `template/.claude/settings.json` grants Claude Code allowlisted Bash, GitHub CLI, package-manager, Supabase, Vercel, and WebSearch capabilities.
- `template/start.sh` detects local AI CLIs and, after explicit selection, executes the chosen CLI with `docs/prompts/project-setup.md`.
- `template/scripts/install-harness.sh` explicitly copies `.claude` agent/settings files into a supplied target project.
- `package.json` has no preinstall, install, or postinstall hook; `prepublishOnly` is publish-time only.
- `index.js` has no network client, secret harvesting, eval, dynamic loading, or hidden payload execution.
- The CLI's only `spawnSync` call runs `bash start.sh` after `--run` or an interactive confirmation.
- `start.sh` uses a fixed local agent registry and local prompt file; no network endpoint or exfiltration path was found.
- `.claude/settings.json` disables automatic project MCP server enablement and includes destructive-command denies.
Source & flagged code
3 flagged · loading sourcePackage contains a high-severity secret pattern.
template/skills/environment-and-secrets.skill.mdView on unpkg · L54Stripe test secret key in template/skills/environment-and-secrets.skill.md
template/skills/environment-and-secrets.skill.mdView on unpkg · L54Package ships non-JavaScript build or shell helper files.
template/scripts/install-harness.shView on unpkg