AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The npm postinstall hook automatically mutates detected Claude, Codex, and Cursor control/config locations. It installs package-authored agent instructions and MCP configuration before any explicit CLI command.
Decision evidence
public snapshot- package.json runs dist/postinstall.js on npm install.
- dist/postinstall.js calls globalSetup({ mode: "install" }) without confirmation.
- dist/chunk-6OHN2SBA.js detects standard Claude, Codex, and Cursor home/config paths.
- dist/chunk-6OHN2SBA.js writes AGENTS.md, .codex/config.toml, Cursor rules, and Claude MCP config.
- dist/postinstall.js executes npx playwright install chromium.
- Network provider/search calls are in user-invoked CLI analysis paths, not postinstall.
- Setup preserves differing existing generated files unless --force is supplied.
Source & flagged code
4 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
dist/postinstall.jsView on unpkg · L7Package source invokes a package manager install command at runtime.
dist/postinstall.jsView on unpkg · L11