AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The runtime plugin operates a configured HTTP listener and sends requests to the user's configured alarm gateway. No install-time execution or confirmed credential exfiltration exists, but a packaged Claude local-settings file grants sensitive npm capabilities.
Decision evidence
public snapshot- `.claude/settings.local.json` embeds npm publish credentials.
- `.claude/settings.local.json` pre-authorizes npm publish/config commands for an AI agent.
- `package.json` has no preinstall, install, or postinstall hook.
- `index.js` only registers a Homebridge platform and starts after Homebridge launches.
- Alarm HTTP requests use user-configured `stateURL`, `zoneURL`, and `setURL`.
- No child-process, filesystem-harvesting, eval, or remote-payload execution was found.
Source & flagged code
4 flagged · loading sourcePackage contains a critical-looking secret pattern.
.claude/settings.local.jsonView on unpkg · L11npm access token in .claude/settings.local.json
.claude/settings.local.jsonView on unpkg · L11npm access token in .claude/settings.local.json
.claude/settings.local.jsonView on unpkg · L12npm access token in .claude/settings.local.json
.claude/settings.local.jsonView on unpkg · L13