AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Npm postinstall mutates the consuming project rather than only this package. It installs package-controlled AI-agent instruction and MCP configuration surfaces in the host project without an explicit user command.
Decision evidence
public snapshot- `package.json` runs `bin/install-host.js --postinstall` automatically.
- `bin/install-host.js` selects `INIT_CWD`/cwd as host target and recursively copies package files.
- Postinstall drops `AGENTS.md`, `.github/`, and `.vscode/` into the host project.
- Dropped `AGENTS.md` supplies mandatory AI-agent routing, tool, and execution rules.
- Postinstall also configures host-local Git hooks via `scripts/setup/install-project-hooks.ps1`.
- Existing target files are preserved unless `--force` is supplied.
- LangSmith export is disabled by default in `telemetry/config.json`.
- No hard-coded network endpoint or credential-exfiltration path was confirmed.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
bin/install-host.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
scripts/context/build-repomix.ps1View on unpkg