AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. A user explicitly runs the CLI to generate or copy agent-harness files into the chosen project or `~/.ai-harness`. No install-time execution, network egress, or remote command path is established.
Decision evidence
public snapshot- Explicit `setup` writes project/global AI-agent configuration.
- `lib/setup-runner.mjs` can modify `AGENTS.md`, `.codex`, `.claude`, and Copilot instruction paths.
- CLI `setup` automatically invokes vendored ECC-resource installation.
- `package.json` contains no `preinstall`, `install`, `postinstall`, or `prepare` hook.
- `bin/httpdr-setup.mjs` only imports the user-invoked CLI.
- `spawnSync` is limited to local `git` inspection with `shell: false`.
- No network client, socket, eval, dynamic loader, or executable payload was found.
- Setup writes safety-oriented rules and a Claude example config; it does not execute its generated hook.
- Scanner reverse-shell label is unsupported by `lib/setup-runner.mjs` source.
Source & flagged code
4 flagged · loading sourceSource matches reverse-shell style process and socket wiring.
lib/setup-runner.mjsView on unpkg · L3A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
lib/setup-runner.mjsView on unpkg · L3Package source references child process execution.
lib/setup-runner.mjsView on unpkg · L3Package ships non-JavaScript build or shell helper files.
skills/comunicacao/sprint-review-deck/scripts/collect-git-context.shView on unpkg