AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `bin/klypix-install.mjs` explicitly copies package code to `~/.claude/project-brain` and adds `SessionStart`, `UserPromptSubmit`, `Stop`, and `PostToolUse` command hooks to `~/.claude/settings.json`.
- `src/agent-rules.mjs` explicitly writes project-level rule files for Cursor, Windsurf, Cline, GitHub Copilot, Gemini CLI, and Aider, plus MCP entries in `.cursor/mcp.json` and `.vscode/mcp.json`.
- The installed global hook reads Claude hook input and project data, captures marked session content into local `brain.klypix` files, and runs bounded local `git` commands for project state.
- `bin/klypix-mcp.mjs` exposes MCP tools that can read and write the configured local KLYPIX vault; `bin/klypix-a2a.mjs` starts an HTTP server when the user launches that dedicated CLI.
- `package.json` declares no `preinstall`, `install`, `postinstall`, `prepare`, or other lifecycle script, so the agent configuration mutations do not run on ordinary npm installation.
- `bin/klypix-mcp.mjs` dispatches installation and project linking only for explicit `install` and `link` CLI arguments; the standalone binaries are also user-invoked.
- No evaluated code-fetcher, `eval`, `Function`, `vm`, shell loader, detached child process, credential collection, or data-exfiltration endpoint was found in the inspected package source.
- The only confirmed external request is the bounded npm version check at `https://registry.npmjs.org/klypix-mcp/latest`; the A2A listener defaults to loopback `127.0.0.1:41241`.
- No reviewer- or scanner-directed manipulation text was found in the inspected package files.
Source & flagged code
3 flagged · loading sourcePackage source references dynamic require/import behavior.
src/klypix-core.mjsView on unpkg · L157Package source references weak cryptographic algorithms.
src/klypix-core.mjsView on unpkg · L8This package version adds a dangerous source file absent from the previous stored version.
bin/klypix-mcp.mjsView on unpkg