AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Explicit `primer init` configures detected AI clients, writes project agent files, and installs a Git post-commit hook. It can also install a Cursor `preToolUse` policy hook in the user's home directory. Daemon sync is network-capable after user configuration.
Decision evidence
public snapshot- `out/cli.js` `primer init` auto-writes MCP entries for detected AI tools.
- `out/cli.js` auto-installs a `preToolUse` hook in `~/.cursor/hooks.json` when Cursor is detected.
- `out/cli.js` adds a `.git/hooks/post-commit` hook and creates project `AGENTS.md`.
- `out/cli.js` supports user-service persistence through launchd, systemd, and scheduled tasks.
- `out/daemon.js` syncs workspace data to configured Supabase/Cloudflare endpoints.
- `package.json` contains no `preinstall`, `install`, or `postinstall` lifecycle hook.
- The configuration and hook writes are reached from explicit CLI commands such as `primer init` and `primer connect`.
- Cursor hook behavior in `out/hook.js` enforces local policy and only posts to a user-configured webhook.
- Network code targets disclosed Primer service endpoints or user-provided URLs.
- No source evidence of credential harvesting, stealth payload download, or arbitrary remote code execution.
Source & flagged code
12 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
out/cli.jsView on unpkgSource collects local host identity data and sends it to an external endpoint.
out/cli.jsView on unpkg · L78Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
out/cli.jsView on unpkg · L78Source exposes local file and command tools to a remote model endpoint.
out/daemon.jsView on unpkg · L5619Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
out/daemon.jsView on unpkg · L241Source writes installer persistence such as shell profile or service configuration.
out/daemon.jsView on unpkg · L241Package source references a known benign dynamic code generation pattern.
out/daemon.jsView on unpkg · L34118Package source references weak cryptographic algorithms.
out/daemon.jsView on unpkg · L241