AI Security Review
scanned 1d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Install-time code registers a packaged FIVO extension under the CELL agent's own home config namespace. This is agent extension lifecycle risk, but not a confirmed foreign agent hijack or malware payload.
Decision evidence
public snapshot- package.json postinstall creates ~/.cell/agent/extensions and copies .pi/extensions/fivo.ts there
- postinstall removes legacy ~/.cell/extensions/fivo.ts if present
- copied extension reads/writes ~/.cell memory/vault/mode/theme files and injects memory/project context on agent events
- package.json declares piConfig.configDir='.cell', so lifecycle target is the package's own app namespace
- no postinstall network fetch or remote payload execution found
- bin/import entrypoints are normal CLI/library entrypoints; dynamic extension loading is runtime platform functionality
Source & flagged code
6 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references a known benign dynamic code generation pattern.
examples/extensions/doom-overlay/doom-engine.tsView on unpkg · L64Package source references dynamic require/import behavior.
dist/core/extensions/loader.jsView on unpkg · L52Package ships WebAssembly modules.
examples/extensions/doom-overlay/doom/build/doom.wasmView on unpkgPackage ships non-JavaScript build or shell helper files.
examples/extensions/doom-overlay/doom/build.shView on unpkg