AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/daemon.mjs` polls channel mentions and routes them to task handling.
- `src/handler.mjs` runs configured coding commands and local git operations for channel tasks.
- `src/hook.mjs` can install Claude hook configuration when explicitly invoked.
- `src/mcp.mjs` sends authenticated RPC requests to the configured Hilos endpoint.
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle script.
- `bin/hilos-agent.mjs` activates config writes, hooks, and daemon work only through explicit CLI commands.
- `src/config.mjs` defaults the service endpoint to `https://hilos.sh/api/mcp` and accepts user-supplied configuration.
- `src/mcp.mjs` contains no unrelated endpoint, payload download, or remote code-loading path.
Source & flagged code
1 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/daemon.mjsView on unpkg