AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package mutates broad AI-agent skill directories during npm postinstall. The shipped skill appears domain-aligned, but activation is unconsented at install time across several foreign agent control surfaces.
Decision evidence
public snapshot- package.json defines postinstall: node bin/cli.js install --postinstall
- bin/cli.js install() copies bundled skill/ into multiple home-directory AI agent skill folders
- Targets broad/foreign control surfaces: ~/.claude, ~/.github/copilot, ~/.cursor, ~/.antigravity, ~/.codex, ~/.devin
- Postinstall path runs silently because --postinstall sets silent mode
- No network request code found in bin/cli.js or shipped Python scripts
- Bundled skill content is aligned with Android Perfetto analysis
- Python scripts are user-invoked helpers for adb/perfetto trace collection and local JSON/report generation
- No credential/env harvesting or remote payload download observed
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
bin/cli.jsView on unpkg · L10Package ships non-JavaScript build or shell helper files.
skill/scripts/parse_perfetto_pb.pyView on unpkg