AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `bin/lib/live.mjs` starts a remote-directed Claude session with `bypassPermissions` unless `FLOWVIANT_SAFE=1`.
- `bin/lib/claude.mjs` similarly uses `--dangerously-skip-permissions` for unattended worker mode.
- `bin/lib/live.mjs` copies absent `.env*` files into agent worktrees before running previews.
- `bin/lib/preview.mjs` executes inferred/configured dev commands with `shell:true`, downloads and runs `cloudflared`.
- `bin/lib/update.mjs` can auto-run `npm install -g flowviant@latest` and re-exec after server version signals.
- `bin/lib/fleet.mjs` accepts fleet merge jobs and invokes `gh pr merge` after same-repository URL validation.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- The executable is activated through the explicit `flowviant` CLI entrypoint.
- Network targets and credentials are Flowviant workflow components, not unrelated collection endpoints.
- `bin/lib/git.mjs` validates server-provided PR URLs, branches, and worktree path segments.
- No `eval`, `Function`, VM loading, obfuscated payload, or covert credential harvesting was found.
- README documents autonomous agents, previews, downloads, and `FLOWVIANT_SAFE=1`.
Source & flagged code
4 flagged · loading sourcePackage source references child process execution.
bin/lib/preflight.mjsView on unpkg · L6Package source invokes a package manager install command at runtime.
bin/lib/update.mjsView on unpkg · L4This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/lib/claude.mjsView on unpkg