AI Security Review
scanned 1d ago · by lpm-firewall-ai
The package mutates AI-agent control surfaces during npm postinstall. It installs bundled skills, output styles, and agent prompts into multiple home-directory IDE/agent locations without an explicit user command.
Decision evidence
public snapshot
- package.json defines postinstall: node ./scripts/install-skills.mjs
- scripts/install-skills.mjs postinstall symlinks bundled skills into ~/.claude, ~/.codex, ~/.cursor, ~/.trae, ~/.qoder, etc.
- scripts/install-skills.mjs copies agents/*.md into AI-agent loader dirs such as ~/.claude/agents
- scripts/install-skills.mjs writes ~/.peaks/config.json and may auto-run peaks upgrade for detected 1.x projects
- agents/karpathy-reviewer.md is an agent prompt with Bash tool permission and review-gate instructions
- skills/peaks-solo/SKILL.md contains extensive autonomous workflow/control instructions for AI agents
- Installer uses managed markers and symlink/path validation to avoid overwriting unmanaged files
- No credential harvesting or external exfiltration endpoint found in inspected lifecycle code
- Runtime child_process/npx usage is tied to explicit CLI commands like playwright start or upgrade
Source & flagged code
7 flagged
- Package defines install-time lifecycle scripts. (package.json)
- Package source references child process execution. (dist/src/shared/process.js · L1)
- Package source references shell execution. (dist/src/services/upgrade/upgrade-service.js · L151)
- Package source references dynamic require/import behavior. (dist/src/cli/commands/loop-eval-commands.js · L478)
- Install-time source drops package-supplied AI-agent/MCP control files or instructions. (scripts/install-skills.mjs · L1)
- Package source invokes a package manager install command at runtime. (dist/src/cli/commands/playwright-commands.js · L27)
- This package version adds a dangerous source file absent from the previous stored version; route for source-aware review. (dist/src/cli/commands/session-auto-compact-hook-command.js)