AI Security Review
scanned 5h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious attack surface was found. The package is an AI skills CLI with explicit user-command project setup that can install first-party Cursor hooks and contact package-aligned services.
Decision evidence
public snapshot- dist/lib/cursor-hooks.js installs .cursor/hooks/enterprise-skills scripts and merges .cursor/hooks.json when setup/init/onboard commands are run.
- templates/cursor-hooks/input-gateway.mjs hooks userPromptSubmit, reads prompt stdin, runs enterprise-skills orchestrate start-task, and can block on decision=block.
- dist/index.js flushes telemetry and feedback after CLI actions; dist/telemetry.js posts queued events with local license_key to enterprise-skills-site.vercel.app.
- dist/lib/commercial-layer.js can spawn local commercial pre/post onboard scripts discovered from explicit/env/project paths during onboard.
- package.json has no preinstall/install/postinstall lifecycle scripts.
- Cursor hook installation is user-invoked via CLI init/onboard/setup-hooks, not npm install-time mutation.
- Network endpoints are package-aligned licensing, bundle, update, telemetry, and feedback APIs.
- dist/content.js sanitizes downloaded bundle entries, bounds size/count, and restricts skill writes to safe .md basenames.
- No credential harvesting, broad file collection, remote shell payload, persistence outside documented project/home config, or destructive behavior found.
Source & flagged code
4 flagged · loading sourcedist/lib/cursor-hooks.js installs .cursor/hooks/enterprise-skills scripts and merges .cursor/hooks.json when setup/init/onboard commands are run.
dist/lib/cursor-hooks.jsView on unpkgtemplates/cursor-hooks/input-gateway.mjs hooks userPromptSubmit, reads prompt stdin, runs enterprise-skills orchestrate start-task, and can block on decision=block.
templates/cursor-hooks/input-gateway.mjsView on unpkgdist/index.js flushes telemetry and feedback after CLI actions; dist/telemetry.js posts queued events with local license_key to enterprise-skills-site.vercel.app.
dist/index.jsView on unpkgdist/lib/commercial-layer.js can spawn local commercial pre/post onboard scripts discovered from explicit/env/project paths during onboard.
dist/lib/commercial-layer.jsView on unpkg