AI Security Review
scanned 4h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Automatic npm postinstall scaffolds package-controlled files into the consuming project. This includes a VS Code MCP control configuration that launches package scripts.
Decision evidence
public snapshot- `package.json` runs `node ./bin/install-host.js --postinstall` automatically on install.
- `bin/install-host.js` defaults its target to `INIT_CWD`/current directory and copies scaffold entries during postinstall.
- The scaffold list includes `.vscode`, `.github`, `.githooks`, `AGENTS.md`, and package-supplied scripts.
- `.vscode/mcp.json` registers MCP servers and launches package-supplied PowerShell scripts with execution-policy bypass.
- The postinstall path copies these foreign-project AI-agent control files before its noninteractive early return.
- No obfuscated payload, `eval`, VM execution, or dynamic remote-code loading was found.
- LangSmith publishing is guarded by enabled configuration plus an API key and project.
- Terminal telemetry hook installation is exposed through explicit `observe-on`, not invoked by the postinstall path.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
bin/install-host.jsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
scripts/context/build-repomix.ps1View on unpkg