AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time malicious behavior was found. The explicit `skills` command can install and mirror package-owned AI-agent skills; normal CLI commands may also schedule a detached self-update after a registry check.
Decision evidence
public snapshot- `dist/cli.js` exposes an explicit `skills` command that installs and mirrors HyperFrames skills into detected AI-agent skill directories.
- `dist/cli.js` invokes `npx skills add` and creates symlinks/copies under agent skill roots after that user command.
- `dist/cli.js` performs automatic npm update checks and can launch a detached package-manager self-update after normal CLI use.
- `package.json` has no `preinstall`, `install`, `postinstall`, or other lifecycle hook.
- Agent-directory writes are reachable through the user-invoked `hyperframes skills` command, not package installation.
- No inspected code harvests unrelated credentials or sends local files to an untrusted endpoint.
- Network use is package-aligned: npm update metadata, HeyGen cloud/auth APIs, and explicit Figma/cloud commands.
- The studio bundle's fetches target local `/api/...` project routes or user-selected media URLs.
Source & flagged code
3 flagged · loading sourceSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/studio/index.jsView on unpkg · L207Package contains source files above the static scanner size ceiling.
dist/studio/assets/index-HvbbjzDK.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.jsView on unpkg