AI Security Review
scanned 2d ago · by lpm-firewall-ai

LPM blocks this version under the AI-agent control-surface policy. The install-time lifecycle script performs remote fetches and writes an MCP control file under the user's home directory. It also starts package-managed infrastructure and installs another global npm package without a separate explicit setup command.
Decision evidence
public snapshot
- package.json runs postinstall: node scripts/postinstall.mjs
- scripts/postinstall.mjs downloads remote .mcp.json.example with curl during install
- scripts/postinstall.mjs writes ~/.overmind/.mcp.json from downloaded MCP config
- scripts/postinstall.mjs runs docker pull/run and npm install -g overmind-postgres-mcp during install
- dist/lib/config.js defaults Claude permissions to --dangerously-skip-permissions for runtime agents
- No obfuscated payloads or encoded strings found in inspected sources
- No confirmed credential exfiltration path; env handling mostly local config/read/write
- Agent profile and .claude writes in dist/services/AgentManager.js are user-invoked tool actions
- Network endpoints are mostly package-aligned GitHub, Docker, npm, localhost, and provider URLs
Source & flagged code
9 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks. (dist/lib/InstallHelper.js, line 1)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (scripts/postinstall.mjs, line 10)
- Package source invokes a package manager install command at runtime. (scripts/setup-windows.js, line 55)
- Package ships non-JavaScript build or shell helper files. (bin/test_mcp.bat)
- This package version adds a dangerous source file absent from the previous stored version. (scripts/verify-install.mjs)