AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/index.js` `setup` installs hooks in `~/.claude/settings.local.json`.
- Hooks read Claude transcripts and save/restores session content through the package's blockchain workflow.
- Interactive wizard runs global Claude CLI install and `claude mcp add --scope user` after user launches the CLI.
- `report_bug` posts wallet address, receipts, OS, and Node version only when invoked.
- `diary_chat` sends supplied API key and conversation data to OpenAI.
- `package.json` contains no preinstall/install/postinstall lifecycle script.
- Wallet WIF is encrypted locally and PIN is stored via keychain when available.
- No source path sends the WIF, PIN, or arbitrary environment variables to a hard-coded endpoint.
- Claude configuration mutation is reached from explicit `setup` or interactive CLI execution, not npm install.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
src/index.jsView on unpkg · L17A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
src/index.jsView on unpkg · L17Package source references dynamic require/import behavior.
src/index.jsView on unpkg · L111