AI Security Review
scanned 5h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package uses npm postinstall to install a Claude Code skill into the user's home agent-control directory. This is an unconsented lifecycle mutation of a foreign AI-agent control surface, with package-supplied instructions and helper scripts becoming available to Claude Code.
Decision evidence
public snapshot- package.json defines postinstall: node install.js and bin points to install.js
- install.js postinstall copies skills/hyper-animator into ~/.claude/skills/hyper-animator
- install.js creates/updates ~/.claude/skills/hyper-animator/.env with MINIMAX_* key placeholders
- install.js runs python3 ~/.claude/skills/hyper-animator/scripts/sync-catalog.py during install
- SKILL.md is Claude Code agent instruction content with git, file generation, CLI, and render workflow commands
- sync-catalog.py writes ~/.claude/skills/hyper-animator/references/source-cache and catalog map via hyperframes CLI
- README.md documents this as a Claude Code skill for HyperFrames animation
- No credential exfiltration code found; MiniMax keys are used by user-invoked generation scripts
- No obfuscation, encoded payloads, or destructive filesystem operations found
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
install.jsView on unpkg · L12Package ships non-JavaScript build or shell helper files.
skills/hyper-animator/scripts/preview-gen.pyView on unpkg