AI Security Review
scanned 5h ago · by lpm-firewall-ai
LPM blocks this version under the AI-agent control-surface policy. Install-time code mutates a user-home MCP control file and installs/starts supporting services without an explicit user command. The package also defaults Claude runner execution to permission skipping at runtime.
Decision evidence
public snapshot
- package.json defines postinstall: node scripts/postinstall.mjs
- scripts/postinstall.mjs lifecycle writes ~/.overmind/.mcp.json from package-fetched config
- scripts/postinstall.mjs downloads mutable config from raw.githubusercontent.com during install
- scripts/postinstall.mjs runs npm install -g overmind-postgres-mcp during install
- scripts/postinstall.mjs starts Docker pgvector container with --restart unless-stopped
- dist/lib/config.js defaults Claude permissions to --dangerously-skip-permissions
- Writes target ~/.overmind package namespace rather than obvious Claude/Cursor home config
- Agent names are validated before per-agent .claude file paths
- Runtime runner spawning appears tied to explicit MCP/CLI agent actions
- No direct credential exfiltration endpoint found in inspected source
Source & flagged code
13 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Install-time lifecycle script is not statically allowlisted and needs review. (package.json)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (bin/launch.cjs)
- Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks. (dist/lib/InstallHelper.js · L1)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (scripts/postinstall.mjs · L10)
- Package source invokes a package manager install command at runtime. (scripts/setup-windows.js · L55)
- Package ships non-JavaScript build or shell helper files. (bin/test_mcp.bat)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (scripts/verify-install.mjs)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (dist/services/ClaudeRunner.js)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (dist/services/KiloRunner.js)
- Source file is highly similar to a previously finalized malicious package; route for source-aware review. (scripts/auto-install.mjs)