AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `lib/setup-runner.mjs` explicitly writes project AI-agent files including `AGENTS.md`, `.codex/AGENTS.md`, `CLAUDE.md`, and `.github/copilot-instructions.md`.
- `apps/cli/index.mjs` exposes user-invoked `setup`, `init`, `ecc-sync`, and plugin-install commands that mutate the selected target.
- `lib/ecc-resource-installer.mjs` copies vendored agent resources, hooks, scripts, and optional harness directories into a target.
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- The bin entry only imports the CLI; mutations require explicit CLI commands.
- `lib/setup-runner.mjs` uses `spawnSync` only for fixed `git` inspection commands with `shell: false`.
- No HTTP/network, socket, credential harvesting, eval, or remote payload execution was found in executable source.
- The scanner's reverse-shell indication is unsupported: the apparent `nc` text is in generated deny rules, not process/socket wiring.
Source & flagged code
4 flagged · loading sourceSource matches reverse-shell style process and socket wiring.
lib/setup-runner.mjsView on unpkg · L3A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
lib/setup-runner.mjsView on unpkg · L3Package source references child process execution.
lib/setup-runner.mjsView on unpkg · L3Package ships non-JavaScript build or shell helper files.
skills/comunicacao/sprint-review-deck/scripts/collect-git-context.shView on unpkg