AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/oss-meta-lab.js builds a host `codex exec` command with `--dangerously-bypass-approvals-and-sandbox`.
- The host-agent path clones a selected GitHub repository, then runs the unrestricted agent inside that clone.
- Activation requires non-dry-run execution plus `HUMANISH_OSS_META_HOST_CODEX_ACTOR=1`.
- dist/oss-meta-lab.js writes a temporary GitHub askpass helper when a GitHub token is supplied.
- package.json has no preinstall, install, postinstall, or prepare lifecycle hook.
- No import-time network, shell, or filesystem execution was found in dist/index.js or dist/cli.js beyond CLI parsing.
- Host actor receives an allowlisted environment that excludes OpenAI and GitHub token variables.
- dist/source-archive.js explicitly excludes .env, keys, credentials, .npmrc, node_modules, and runtime directories.
Source & flagged code
2 flagged · loading sourcedist/oss-meta-lab.js builds a host `codex exec` command with `--dangerously-bypass-approvals-and-sandbox`.
dist/oss-meta-lab.jsView on unpkgdist/oss-meta-lab.js writes a temporary GitHub askpass helper when a GitHub token is supplied.
dist/oss-meta-lab.jsView on unpkg