AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The explicit scaffold CLI can install a pinned third-party skill into a global AI-agent skill location. This broadens the local agent control surface beyond the generated project.
Decision evidence
public snapshot- `dist/skills.js` runs `npx --yes modern-web-guidance@0.0.174 install --yes`.
- The installer states it writes a globally visible AI-agent skill under `~/.agents/skills/`.
- `dist/index.js` invokes this installer after scaffolding; `--yes` suppresses the confirmation.
- `dist/skills.test.js` explicitly verifies `--yes` installs unconditionally.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- The control-surface mutation occurs only after explicit CLI invocation, not package installation.
- Interactive runs present a dedicated confirmation and `--skip-skills` disables it.
- Other subprocesses are project-scoped scaffolding, dependency installation, git setup, or user-confirmed GitHub publishing.
- Gemini requests use a user-supplied API key for the optional AI-generation feature; telemetry is disclosed and opt-out.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/index.jsView on unpkg · L64