AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The package can import local SDD-Agent resource and scene configuration into its own `~/.flowmind` state. This occurs only through an explicit command or an opt-in environment variable during FlowMind initialization; no install-time behavior was found.
Decision evidence
public snapshot- `core/index.js` invokes guarded SDD-Agent auto-sync during FlowMind initialization.
- `core/sdd-agent-sync.js` reads `~/.sdd-agent` and writes imported configuration under `~/.flowmind`.
- `bin/flowmind.js` exposes explicit `resource --sync-sdd-agent` import.
- `bin/flowmind.js` runs `npm install` only through the explicit `flowmind update` command.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- Auto-sync is disabled unless `FLOWMIND_ENABLE_SDD_AGENT_AUTO_SYNC=1` or forced.
- Sync writes FlowMind-owned paths, not Codex/Claude configuration paths.
- AI provider HTTP requests use configured provider endpoints and API keys; no unrelated exfiltration endpoint found.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
core/release-check.jsView on unpkg · L2This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/flowmind.jsView on unpkgPackage source invokes a package manager install command at runtime.
bin/flowmind.jsView on unpkg · L3675Package source references dynamic require/import behavior.
core/honor-engine.jsView on unpkg · L5