AI Security Review
scanned 4d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The explicit scaffold command can install an AI-agent skill outside the generated project. This is a real global agent-extension mutation, but not an npm lifecycle action and no malicious payload chain is established.
Decision evidence
public snapshot- `dist/skills.js` runs `npx --yes modern-web-guidance@0.0.174 install --yes`.
- `dist/index.js` invokes that installer after scaffolding; `--yes` accepts it without an interactive prompt.
- The installer is documented to write a global AI-agent skills location such as `~/.agents/skills/`.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- Agent-skill installation occurs only when the user explicitly runs the CLI and can be disabled with `--skip-skills`.
- The skill package version is pinned and the installer has a 30-second timeout.
- No credential harvesting, secret exfiltration, eval/vm use, or hidden persistence was found in inspected non-test source.
- Template downloads are explicit CLI scaffolding actions from `github:Teloz1870/cartwright-template`; `--look` fetches a user-supplied URL with schema and size checks.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L64