AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/commands/setup-mcp.js` explicitly configures selected AI agents.
- `dist/utils/agents.js` writes MCP entries to project and user agent-config paths, including `~/.copilot/mcp-config.json`.
- `dist/commands/install-plugin.js --enroll` redeems a supplied code and stores returned credentials.
- `dist/lib/install-server.js` downloads and installs a managed server executable; `dist/lib/configure-agent.js` can spawn it.
- `dist/utils/enroll.js` POSTs enrollment codes to `${baseUrl}/api/auth/enroll/redeem`.
- `package.json` has no `preinstall`, `install`, or `postinstall` hook.
- `bin/godot-cli.js` only imports the CLI; side effects require a user CLI command.
- Agent configuration is gated by explicit `setup-mcp <agent-id>` or `configure --agent <id>` commands.
- Download helpers restrict release URLs to HTTPS `github.com`; server ZIP extraction checks SHA-256 sums before use.
- No source evidence of environment harvesting, stealth persistence, destructive actions, or unrelated exfiltration.
Source & flagged code
1 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/commands/install-plugin.jsView on unpkg