AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. A user-invoked scaffolder defaults to initializing an external AI-agent extension in the newly created project. This is a first-party project setup action, not install-time mutation of an existing broad agent surface.
Decision evidence
public snapshot- `dist/cli.js` runs OpenSpec by default after user invokes the scaffold CLI.
- `dist/openspec-init.js` spawns `npx @fission-ai/openspec init --tools … --force` in the new project.
- `template/.openclaw/config.json` and agent prompt files are copied into generated projects.
- Non-interactive mode selects Claude and Cursor defaults.
- `package.json` has no preinstall/install/postinstall hook.
- Child processes use fixed executable names and argument arrays; no shell option is used.
- No credential harvesting, data exfiltration, eval, or obfuscated payload was found.
- Writes are confined to the requested generated project template and Git initialization.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/openspec-init.jsView on unpkgPackage source references child process execution.
dist/openspec-init.jsView on unpkg · L12Package source invokes a package manager install command at runtime.
dist/openspec-init.jsView on unpkg · L12