AI Security Review
scanned 4d ago · by lpm-firewall-ai

Install-time behavior is aggressive and mutable but aligned with the package's advertised Docker/PostgreSQL setup. No confirmed malicious exfiltration or unconsented AI-agent hijack was established.
Decision evidence
Public snapshot:
- package.json defines postinstall: node scripts/postinstall.mjs
- scripts/postinstall.mjs runs docker pull/run, curl, and npm install -g overmind-postgres-mcp at install time
- scripts/postinstall.mjs downloads mutable config from raw.githubusercontent.com into ~/.overmind
- dist/bin/cli.js exposes MCP tools that can spawn local AI CLIs via run_agent when invoked
- No credential harvesting or exfiltration found in inspected files
- dist/bin/cli.js env handling formats/loads local .env rather than transmitting secrets
- HTTP server defaults to localhost and refuses non-loopback HTTP without SSL
- Agent config writes are user-invoked MCP tools with name/path validation
- No obfuscated payloads, native binary loaders, or import-time remote code execution found
Source & flagged code
8 flagged:
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks. (dist/lib/InstallHelper.js, line 1)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (scripts/postinstall.mjs, line 10)
- Package source invokes a package manager install command at runtime. (scripts/setup-windows.js, line 55)
- Package ships non-JavaScript build or shell helper files. (bin/test_mcp.bat)