AI Security Review
scanned 11h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/setup-B2HejfMT.js` writes Claude or Cursor MCP configuration files.
- `dist/cli.js` exposes that mutation through explicit `setup --write claude|cursor`.
- `dist/index.js` reads local iMessage data and invokes message-send helpers.
- `dist/shutdown-CikCSZru.js` runs `osascript` to send through Messages.app.
- `native/index.js` loads a shipped native binding and invokes `ldd --version` only for Linux libc detection.
- `package.json` has no preinstall, install, or postinstall hook.
- `prepare` and `prepublishOnly` are build/verification scripts, not agent-config mutation.
- No outbound networking APIs were found in packaged JavaScript.
- Agent config writes are limited to a named MCP entry and create a `.bak` backup.
- The local child process in `dist/cli.js` restarts the package's own MCP mode.
Source & flagged code
6 flagged · loading sourcePackage source references dynamic require/import behavior.
native/index.jsView on unpkg · L5Package source references weak cryptographic algorithms.
dist/shutdown-CikCSZru.jsView on unpkg · L3This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.jsView on unpkgSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.jsView on unpkg · L6Package ships native binary artifacts.
native/imsg-native.darwin-arm64.nodeView on unpkg