AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/bundle.js` exposes MCP `solve`/`evolve` tools that invoke `claude -p` and caller-supplied verification/fitness commands.
- `dist/bundle.js` reads `~/.claude/backends.json` and `DEEPSEEK_API_KEY`, then supplies the key to a local proxy or `api.deepseek.com`.
- `dist/bundle.js` applies generated patches with `git apply` in the requested working directory.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook runs for consumers.
- `.mcp.json` only declares a first-party MCP server command and does not mutate agent configuration.
- Network and command execution occur only after explicit MCP tool calls; no import-time execution or stealth persistence was found.
- No unrelated endpoint, credential harvesting beyond configured DeepSeek credentials, or destructive payload was found.
Source & flagged code
3 flagged · loading sourceSource combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/bundle.jsView on unpkg · L21090Package source references a known benign dynamic code generation pattern.
dist/bundle.jsView on unpkg · L2941