AI Security Review
scanned 3d ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package mutates a local AI-agent skill surface at npm install time. The dropped skill is package-aligned, but the lifecycle write into $HOME/.claude/skills is unconsented and outside the package directory.
Decision evidence
public snapshot- package.json defines postinstall: node install.js and bin maps hyper-animator to install.js.
- install.js copies skills/hyper-animator into $HOME/.claude/skills/hyper-animator during install.
- install.js creates or updates $HOME/.claude/skills/hyper-animator/.env with MINIMAX_* placeholders.
- skills/hyper-animator/SKILL.md installs AI-agent instructions that direct future tool, git, render, and script actions.
- install.js performs no network calls and does not exfiltrate existing credentials.
- No obfuscation, eval/vm/Function, native binary loading, or destructive lifecycle commands found.
- MiniMax curl/urllib network calls are in user-invoked scripts for package-aligned audio/TTS generation.
- No evidence of dependency confusion, persistence beyond copied skill files, or file harvesting outside the skill .env load path.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
install.jsView on unpkg · L12Package ships non-JavaScript build or shell helper files.
skills/hyper-animator/scripts/preview-gen.pyView on unpkg