AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- scripts/install-clients.ts explicitly writes MCP server entries to Codex, Claude, Cursor, Gemini, VS Code, and other agent configs when run
- scripts/client-installer/config.ts embeds NetSuite OAuth/env values including client secret and refresh token into agent config env blocks
- scripts/public-url.ts downloads and executes ngrok on explicit public-url command and disables MCP auth for the tunnel flow
- scripts/suitecloud-project.ts can install helper tooling during explicit SuiteCloud/public-url workflows
- bin/postinstall.mjs only prints setup guidance and does not write files, run network calls, or mutate agent configs
- No install-time preinstall/install/postinstall mutation of foreign AI-agent control surfaces was found
- Network calls are package-aligned: NetSuite REST/RESTlet APIs, localhost MCP health checks, ngrok download/API, and OAuth/browser setup
- Child-process use is command-wrapper behavior around bun, browser open, ngrok, SuiteCloud/JDK setup, and user-invoked helper commands
- No credential harvesting or exfiltration endpoint outside configured NetSuite/ngrok/OAuth flows was found
Source & flagged code
9 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source references child process execution.
bin/netsuite-supermcp-switch-account.mjsView on unpkg · L1This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
scripts/public-url.tsView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
scripts/smoke.tsView on unpkg · L1Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/netsuite-supermcp-setup.mjsView on unpkg · L1Package source invokes a package manager install command at runtime.
scripts/suitecloud-project.tsView on unpkg · L63