AI Security Review
scanned 2d ago · by lpm-firewall-ai
LPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious attack surface in the npm package install path. The main residual risk is guarded, documented agent-skill setup in scaffolded projects.
Decision evidence
public snapshot
- template/package.json defines postinstall: node scripts/install-skills.mjs
- template/scripts/install-skills.mjs can run npx --yes skills add kylebrodeur/obsidian-arrow-sandbox --all
- template/scripts/install-skills.mjs supports --global, --project-dir, and agent skill installation into agent-visible locations
- index.mjs update copies AGENTS.md and CLAUDE.md into scaffolded project managed files
- package.json has no lifecycle scripts for installing create-obsidian-arrow itself
- index.mjs bin is user-invoked scaffolding/update; no import-time execution beyond CLI flow
- postinstall skill installer exits in CI/non-TTY unless forced and offers interactive picker for human terminals
- No credential harvesting, exfiltration endpoints, eval/vm, native binaries, or destructive behavior found
- Network/package-manager use is limited to documented npx skills CLI for project agent skills
Source & flagged code
3 flagged
- Package source references child process execution.
  template/scripts/install-skills.mjs · L35
- Package source invokes a package manager install command at runtime.
  template/scripts/install-skills.mjs · L102
- This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
  template/scripts/check-orphaned-css.mjs