registry  /  homebridge-alarmdecoder-platform-v2  /  1.0.1

homebridge-alarmdecoder-platform-v2@1.0.1

Homebridge 2.0 dynamic platform plugin for AlarmDecoder (Honeywell/DSC and Interlogix/GE/Caddx alarm panels).

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The runtime plugin operates a configured HTTP listener and sends requests to the user's configured alarm gateway. No install-time execution or confirmed credential exfiltration exists, but a packaged Claude local-settings file grants sensitive npm capabilities.

Static reason
One or more suspicious static signals were detected.
Trigger
A user opens this package in an AI agent that honors `.claude/settings.local.json`; normal runtime starts through Homebridge.
Impact
An honoring agent could use the included publishing credentials to run npm publication or configuration commands.
Mechanism
Packaged AI-agent command allowlist with embedded npm credentials.
Rationale
Runtime alarm networking is package-aligned and user-configured, but the checked-in agent settings expose sensitive npm publishing capability. Warn rather than block because no lifecycle hook, stealth execution, exfiltration, or destructive runtime chain was found.
Evidence
package.jsonindex.jsalarmsystems/honeywell.jsalarmsystems/interlogix.js.claude/settings.local.jsonconfig.schema.json

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `.claude/settings.local.json` embeds npm publish credentials.
  • `.claude/settings.local.json` pre-authorizes npm publish/config commands for an AI agent.
Evidence against
  • `package.json` has no preinstall, install, or postinstall hook.
  • `index.js` only registers a Homebridge platform and starts after Homebridge launches.
  • Alarm HTTP requests use user-configured `stateURL`, `zoneURL`, and `setURL`.
  • No child-process, filesystem-harvesting, eval, or remote-payload execution was found.
Behavioral surface
Source
ChildProcessNetwork
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 25.9 KB of source

Source & flagged code

4 flagged · loading source
.claude/settings.local.jsonView file
11patternName = npm_token severity = critical line = 11 matchedText = "Bash(NP...*)",
Critical
Critical Secret

Package contains a critical-looking secret pattern.

.claude/settings.local.jsonView on unpkg · L11
11patternName = npm_token severity = critical line = 11 matchedText = "Bash(NP...*)",
Critical
Secret Pattern

npm access token in .claude/settings.local.json

.claude/settings.local.jsonView on unpkg · L11
12patternName = npm_token severity = critical line = 12 matchedText = "Bash(NP...*)",
Critical
Secret Pattern

npm access token in .claude/settings.local.json

.claude/settings.local.jsonView on unpkg · L12
13patternName = npm_token severity = critical line = 13 matchedText = "Bash(NP...*)",
Critical
Secret Pattern

npm access token in .claude/settings.local.json

.claude/settings.local.jsonView on unpkg · L13

Findings

4 Critical1 Medium1 Low
CriticalCritical Secret.claude/settings.local.json
CriticalSecret Pattern.claude/settings.local.json
CriticalSecret Pattern.claude/settings.local.json
CriticalSecret Pattern.claude/settings.local.json
MediumNetwork
LowScripts Present