LPM treats this as warn-only first-party agent extension lifecycle risk. No automatic install-time attack surface is established. Explicit adapter installation can configure project-local AI-agent hooks and instruction files.
Static reason
No blocking static signals were detected.
Trigger
User runs `mancode init` or `mancode install <platform>` in a project.
Impact
Installed agent sessions may load mancode guidance and invoke its local hooks within that project.
Mechanism
Writes managed project-local agent configuration, skills, and Claude hook commands.
Rationale
This is not concrete malware: all agent-control mutations are behind explicit user CLI commands and are project-local. It remains a warning because it deliberately configures AI-agent lifecycle hooks and instruction surfaces.
Evidence
package.jsondist/cli.js.mancode/config.json.mancode/hooks/session-start.mjs.mancode/hooks/user-prompt-submit.mjs.claude/settings.json.claude/skills/.claude/agents/AGENTS.md.agents/skills/