AI Security Review
scanned 2d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Install runs a postinstall hook that drops a bundled FIVO/CELL extension into the user's global ~/.cell agent extensions directory. The extension is then auto-loaded by this package's own agent and can alter prompts/tool availability and persist memory/vault files locally.
Decision evidence
public snapshot- package.json postinstall creates ~/.cell/agent/extensions and copies .pi/extensions/fivo.ts there without an explicit runtime opt-in.
- dist/config.js derives getAgentDir() from piConfig.configDir .cell, and dist/core/extensions/loader.js auto-discovers agentDir/extensions.
- .pi/extensions/fivo.ts registers before_agent_start/input/session events that inject memory context, redact input, switch active tools, and persist data under ~/.cell.
- .pi/extensions/fivo.ts has /vault command for storing API/secret/token values locally.
- The lifecycle target is the package's own configured ~/.cell agent namespace, not Claude/Codex/Cursor or another foreign agent surface.
- No install-time network access or credential exfiltration was found in package.json or .pi/extensions/fivo.ts.
- CLI entry dist/cli.js only configures dispatcher and calls main(process.argv.slice(2)).
- The extension is package-aligned agent functionality and does not register a standing remote MCP/tool endpoint.
Source & flagged code
6 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references a known benign dynamic code generation pattern.
examples/extensions/doom-overlay/doom-engine.tsView on unpkg · L64Package source references dynamic require/import behavior.
dist/core/extensions/loader.jsView on unpkg · L52Package ships WebAssembly modules.
examples/extensions/doom-overlay/doom/build/doom.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
examples/extensions/doom-overlay/doom/build.shView on unpkg