AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/recall.js` downloads and installs executable llama.cpp binaries from GitHub.
- `recall install` writes Claude/Codex hooks, skills, and optional instruction nudges.
- Downloaded local embedding runtime is later invoked for transcript/query embedding.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- Agent-config changes require explicit `recall install`; they do not run on package installation.
- Network use is limited in source to embedding assets and reachability checks; no transcript upload endpoint was found.
- `recall uninstall` removes the package-owned integrations and optional local data.
Source & flagged code
5 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/recall.jsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/recall.jsView on unpkg · L39Package source references dynamic require/import behavior.
dist/recall.jsView on unpkg · L11