AI Security Review
scanned 12h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No install-time attack was confirmed. Explicit harness setup can create project agent hooks; a separate manually-run template can modify the user's Claude configuration.
Decision evidence
public snapshot- `templates/.claude/install-hooks.sh` copies hooks and merges `~/.claude/settings.json` when manually run.
- `templates/.claude/hooks/hooks.json` registers persistent command/prompt hooks for agent session events.
- `templates/.claude/hooks/scripts/omcustom-auto-update.sh` checks npm and can globally update after an interactive TTY confirmation.
- `package.json` has no `preinstall`, `install`, or `postinstall` hook.
- Package execution and template deployment occur through explicit `omcustomcodex` CLI commands.
- Reviewed updater requires an interactive yes/no response before `npm install -g`.
- No reviewed source evidence of credential harvesting, data exfiltration, hidden payload execution, or destructive actions.
Source & flagged code
14 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.jsView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L320Package source references weak cryptographic algorithms.
dist/index.jsView on unpkg · L320Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/cli/index.jsView on unpkg · L11993Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli/index.jsView on unpkg · L52Package source invokes a package manager install command at runtime.
dist/cli/index.jsView on unpkg · L23565Package source references a known benign dynamic code generation pattern.
dist/cli/index.jsView on unpkg · L34752Package source references dynamic require/import behavior.
packages/serve/build/server/index.jsView on unpkg · L39Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
templates/.claude/install-hooks.shView on unpkgPackage ships non-JavaScript build or shell helper files.
templates/.claude/install-hooks.shView on unpkgPackage ships compressed or archive-like blobs.
packages/serve/build/client/favicon.svg.brView on unpkgPackage ships high-entropy non-source blobs.
packages/serve/build/client/_app/immutable/nodes/8.cA6N2D29.js.gzView on unpkg