AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Npm postinstall mutates the consuming project rather than only this package directory. It drops package-controlled AI-agent/MCP configuration and installs a Git hook automatically.
Decision evidence
public snapshot- `package.json` runs `bin/install-host.js --postinstall`.
- `bin/install-host.js` targets `INIT_CWD`/cwd and copies into that foreign project.
- Postinstall copies `.vscode`, `AGENTS.md`, `.github`, and agent/MCP scaffolding.
- Postinstall configures local Git `core.hooksPath` via `scripts/setup/install-project-hooks.ps1`.
- `.vscode/mcp.json` registers package-supplied MCP server commands for the host workspace.
- No network calls or credential harvesting appear in the postinstall path.
- Existing scaffold files are preserved unless `--force` is supplied.
- No obfuscated payload, eval, or binary loading was found.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
bin/install-host.jsView on unpkg · L1Source fingerprint signature matches a known malicious package signature; route for source-aware review.
bin/install-host.jsView on unpkgPackage ships non-JavaScript build or shell helper files.
scripts/context/build-repomix.ps1View on unpkg