hyper-animator-codex@0.3.0

Install the Hyper Animator Codex skill for Codex.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The package is a first-party Codex skill installer. It modifies the Codex skills directory only when the user runs the CLI install command, and the network-capable MiniMax script is user-invoked for music generation.

Static reason
No blocking static signals were detected.
Trigger
User runs `hyper-animator-codex install` or installed skill scripts.
Impact
Adds a package-owned Codex skill and optional local MiniMax credentials file; no confirmed malicious behavior or unconsented install-time mutation.
Mechanism
explicit Codex skill copy and optional MiniMax config write
Rationale
This is an explicit user-command installer for its own Codex skill, with optional user-supplied MiniMax credentials and package-aligned API use. Under the install control surface policy this is a warn-level agent extension lifecycle risk, not malicious, because there is no lifecycle hook, stealth mutation, exfiltration, or remote payload execution.
Evidence
  • package.json
  • bin/hyper-animator-codex.mjs
  • lib/install-skill.mjs
  • lib/minimax-config.mjs
  • skills/hyper-animator-codex/SKILL.md
  • skills/hyper-animator-codex/scripts/generate_minimax_music.mjs
  • skills/hyper-animator-codex/scripts/minimax_runtime_config.mjs
  • ${CODEX_HOME:-$HOME/.codex}/skills/hyper-animator-codex
  • ${CODEX_HOME:-$HOME/.codex}/skills/hyper-animator-codex/config/minimax.json
  • hyper-animator-output/music/*
Network endpoints (1)
api.minimaxi.com/v1/music_generation

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • CLI install command copies packaged skill into Codex skills root in lib/install-skill.mjs.
  • --force removes an existing installed hyper-animator-codex skill before copying replacement.
  • Installer can write MiniMax api_key/group_id to installed config/minimax.json from CLI/env/config file.
Evidence against
  • package.json has no preinstall/install/postinstall lifecycle scripts.
  • Codex skill mutation is explicit user-command behavior via bin/hyper-animator-codex.mjs, not install-time execution.
  • Network use is limited to user-invoked MiniMax music generation at api.minimaxi.com and optional returned audio URL download.
  • No credential harvesting beyond MiniMax config supplied by user/env; config is chmod 0600 and redacted in output.
  • No child_process, eval, native binary loading, destructive broad filesystem behavior, or persistence found.
Behavioral surface
Source
Environment Vars, Filesystem, Network
Supply chain
High Entropy Strings, Url Strings
Manifest
No License
scanned 7 file(s), 35.9 KB of source, external domains: api.minimaxi.com

Source & flagged code

1 flagged
skills/hyper-animator-codex/scripts/validate_hyperframes_html.py
path = skills/hyper-animator-codex/scripts/validate_hyperframes_html.py kind = build_helper sizeBytes = 2993 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

Findings

3 Medium, 5 Low
Medium: Network
Medium: Environment Vars
Medium: Ships Build Helper (skills/hyper-animator-codex/scripts/validate_hyperframes_html.py)
Low: Scripts Present
Low: Filesystem
Low: High Entropy Strings
Low: Url Strings
Low: No License