AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Running the CLI performs authenticated Egregore workspace setup and installs first-party Codex/Pi project runtime files. It sends GitHub bearer credentials to the named Egregore setup API and writes credentials into the created project's `.env`. No unconsented npm install-time behavior was found.
Decision evidence
public snapshot- `lib/setup.js` writes a GitHub token to target `.env` and clones repositories.
- `lib/codex-runtime.js` installs project `.codex` hooks, skills, and `.agents/skills`.
- `lib/pi-runtime.js` installs the Pi extension under `.pi/extensions/egregore.ts`.
- `lib/api.js` sends GitHub bearer tokens to the Egregore API during setup.
- Runtime telemetry and graph tools send opted-in/project API-key requests.
- `package.json` has no `preinstall`, `install`, `postinstall`, or other lifecycle hook.
- The only entrypoint is the user-invoked `bin/cli.js` CLI.
- No eval, dynamic remote code loading, or bundled binary loader was found.
- Runtime installers copy bundled files and preserve modified files as conflicts.
- Codex and Pi hooks enforce protected-branch consent rather than bypassing safeguards.
Source & flagged code
9 flagged · loading sourcePackage source invokes a package manager install command at runtime.
lib/setup.jsView on unpkg · L498Source writes installer persistence such as shell profile or service configuration.
lib/setup.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/auth.jsView on unpkg · L32Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
lib/auth.jsView on unpkg · L5Package ships non-JavaScript build or shell helper files.
runtime/codex/bin/publish-artifact.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
assets/egregore-launcher.jsView on unpkg