AI Security Review
scanned 2d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/bundle.js` MCP tools execute caller-supplied `verify_cmd`/`fitness_cmd` in caller-supplied `cwd`.
- `dist/bundle.js` starts `claude` with prompts and DeepSeek proxy/API configuration.
- `dist/bundle.js` evolution path runs `git checkout .` and `git clean -fd` in the user-selected project.
- `dist/bundle.js` can apply generated patches via `git apply`.
- `package.json` has only `prepublishOnly`; no install-time lifecycle hook.
- `.mcp.json` only declares this package's explicit MCP server command.
- Network use is limited to `127.0.0.1:3200` proxy health and DeepSeek Anthropic endpoint.
- No source evidence of credential harvesting, stealth persistence, or unsolicited exfiltration.
Source & flagged code
3 flagged · loading sourceSource combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/bundle.jsView on unpkg · L21090Package source references a known benign dynamic code generation pattern.
dist/bundle.jsView on unpkg · L2941