AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The explicit CLI installer deploys a package-owned engine and registers Claude Code and Codex lifecycle hooks. Those hooks run local package scripts during future agent events. No unconsented npm lifecycle mutation or confirmed data-exfiltration chain was found.
Decision evidence
public snapshot- `install.mjs` runs from the default user-invoked CLI path and writes `.claude` and `.codex` integrations.
- `hooks/lib/wiring.mjs` adds command hooks to `.claude/settings.json`.
- `hooks/lib/codex-wiring.mjs` adds command hooks to `.codex/hooks.json`.
- Installed hooks execute package scripts for agent lifecycle events via `hooks/codex-hook.mjs`.
- `install.mjs` POSTs a user-entered email to `https://kitstarter.dev/api/verify` during interactive license verification.
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle script.
- Hook wiring is performed only after explicit CLI invocation, not npm installation.
- Wiring merges existing configuration and removes only commands marked `kitstarter`.
- No credential harvesting, arbitrary remote payload loading, eval/vm use, or network exfiltration was found.
- Child-process calls run Node against bounded local package scripts; `bin/knowledge-map.mjs` only opens a generated local HTML file.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/knowledge-map.mjsView on unpkgPackage source references child process execution.
bin/knowledge-map.mjsView on unpkg · L18Package source invokes a package manager install command at runtime.
cli.mjsView on unpkg · L305