AI Security Review
scanned 17m ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package CLI initializes by persistently rewriting global AI assistant control surfaces and shell startup configuration. It also installs external tooling and configures agent execution paths that can bypass permissions in supported CLIs.
Decision evidence
public snapshot- bin/imhcode.js default entry runs runInit() when no command is supplied
- runInit() copies package CLAUDE.md, AGENTS.md, and skills/ into ~/.claude, ~/.gemini, and ~/.copilot
- runInit() removes existing assistant skills directories before copying package skills
- registerCliGlobally() writes shims to ~/.imhcode/bin and ~/.local/bin and appends PATH changes to shell rc files
- ensureCavemanAndGraphify() runs npm install -g skills and npx skills add during init
- src/dist executor adapters use opencode --dangerously-skip-permissions and codex --dangerously-bypass-approvals-and-sandbox for live runs
- package.json has no npm lifecycle install hooks
- No credential harvesting or exfiltration logic found in reviewed entrypoints
- Network activity is mostly package-manager/CLI installation invoked from init
- Primary behavior is an AI coding orchestration framework with bundled agents and skills
Source & flagged code
22 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
skills/typeui-main/src/prompts/designSystem.tsView on unpkg · L18Source writes persistence or remote-access backdoor material.
bin/imhcode.jsView on unpkg · L24A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
bin/imhcode.jsView on unpkg · L24This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/imhcode.jsView on unpkgManifest entrypoint contains risky behavior absent from dist/build output.
bin/imhcode.jsView on unpkg · L24Package source references dynamic require/import behavior.
bin/imhcode.jsView on unpkg · L22Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
skills/ui-ux-pro-max/.claude/skills/design/scripts/cip/generate.pyView on unpkgPackage ships non-JavaScript build or shell helper files.
skills/ui-ux-pro-max/.claude/skills/design/scripts/cip/generate.pyView on unpkgPackage ships high-entropy non-source blobs.
skills/theme-factory/theme-showcase.pdfView on unpkgHardcoded password in skills/graphify/skill-windows.md
skills/graphify/skill-windows.mdView on unpkg · L681Hardcoded password in skills/graphify/skill-trae.md
skills/graphify/skill-trae.mdView on unpkg · L592Hardcoded password in skills/graphify/skill-pi.md
skills/graphify/skill-pi.mdView on unpkg · L543Hardcoded password in skills/graphify/skill-codex.md
skills/graphify/skill-codex.mdView on unpkg · L605Hardcoded password in skills/graphify/skill-kiro.md
skills/graphify/skill-kiro.mdView on unpkg · L543Hardcoded password in skills/graphify/skill-copilot.md
skills/graphify/skill-copilot.mdView on unpkg · L603Hardcoded password in skills/graphify/skill-opencode.md
skills/graphify/skill-opencode.mdView on unpkg · L655Hardcoded password in skills/graphify/skill-aider.md
skills/graphify/skill-aider.mdView on unpkg · L544Hardcoded password in skills/graphify/skill-claw.md
skills/graphify/skill-claw.mdView on unpkg · L544Hardcoded password in skills/graphify/skill-droid.md
skills/graphify/skill-droid.mdView on unpkg · L600Hardcoded password in skills/django-tdd/SKILL.md
skills/django-tdd/SKILL.mdView on unpkg · L25Hardcoded password in skills/django-tdd/SKILL.md
skills/django-tdd/SKILL.mdView on unpkg · L117Hardcoded password in skills/django-tdd/SKILL.md
skills/django-tdd/SKILL.mdView on unpkg · L126