AI Security Review
scanned 17h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious install-time or import-time attack was found. The main residual risk is explicit user-command setup of first-party AI-agent hooks/extensions for this orchestration tool.
Decision evidence
public snapshot- lib/hooks.js installs Claude hooks into .claude/settings.json and OpenCode/Pi extension files when invoked
- bin/jonggrang.js runs hooksLib.installHooksForTool during explicit jonggrang init
- hooks/claude and hooks/opencode include agent command/output enforcement code
- package.json has no preinstall/install/postinstall lifecycle hooks
- bin/jonggrang.js dependency npm install occurs only in user-invoked web command
- apis/secrets/index.js stores user-provided secrets locally via webState, no exfil code seen
- lib/issue-providers.js only calls GitHub/GitLab APIs with user tokens for issue features
- server.js binds local dashboard to 127.0.0.1 by default
Source & flagged code
14 flagged · loading sourcePackage contains a critical-looking secret pattern.
client/dist/assets/ProjectSettingsView-ChFbcEga.jsView on unpkg · L1OpenSSH private key in client/dist/assets/ProjectSettingsView-ChFbcEga.js
client/dist/assets/ProjectSettingsView-ChFbcEga.jsView on unpkg · L1Package source references child process execution.
apis/projects/orchestration-run.jsView on unpkg · L16Package source references dynamic require/import behavior.
apis/secrets/index.jsView on unpkg · L2Package source references weak cryptographic algorithms.
lib/bot-reviewer/index.jsView on unpkg · L1Source writes installer persistence such as shell profile or service configuration.
hooks/pi/jonggrang-extension.tsView on unpkg · L17This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/jonggrang.jsView on unpkgSource launches a detached bundled service that exposes a broad-bound HTTP listener.
bin/jonggrang.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
bin/jonggrang.jsView on unpkg · L2786Package ships non-JavaScript build or shell helper files.
hooks/claude/secret-final-check.shView on unpkgPackage ships high-entropy non-source blobs.
client/dist/assets/primeicons-C6QP2o4f.woff2View on unpkgHardcoded password in skills/library/testing/unit-testing-patterns/SKILL.md
skills/library/testing/unit-testing-patterns/SKILL.mdView on unpkg · L17OpenSSH private key in client/dist/assets/SettingsView-D3DYYBDH.js
client/dist/assets/SettingsView-D3DYYBDH.jsView on unpkg · L164