AI Security Review
scanned 4d ago · by lpm-firewall-ai
LPM blocks this version under the AI-agent control-surface policy. The concrete risk is unconsented install-time mutation of a Claude Code skill directory. npm install automatically drops package-supplied agent instructions and helper scripts into ~/.claude/skills/hyper-animator, making them available to the user's AI-agent environment.
Decision evidence
public snapshot
- package.json runs postinstall: node install.js and exposes bin hyper-animator to install.js
- install.js postinstall copies package skill files into ~/.claude/skills/hyper-animator
- install.js creates/updates ~/.claude/skills/hyper-animator/.env with MiniMax config keys
- Package ships Claude skill instructions/scripts that become active agent control surface after install
- No obfuscation, eval, child_process, or dynamic remote code loading found in install.js
- No credential harvesting/exfiltration in install.js; .env template writes empty keys and only reports configured key names
- Network hosts in source are documented MiniMax service endpoints for package-aligned audio generation
- Scripts appear user-invoked skill helpers for animation/audio generation, not install-time executed payloads
Source & flagged code
4 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (install.js · L12)
- Package ships non-JavaScript build or shell helper files. (skills/hyper-animator/scripts/preview-gen.py)