AI Security Review
scanned 1h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package uses npm postinstall to install an AI-agent skill into multiple unrelated assistant configuration directories under the user's home directory. This is an unconsented broad AI-agent control-surface mutation at install time.
Decision evidence
public snapshot- package.json defines postinstall: node bin/cli.js install --postinstall.
- bin/cli.js postinstall copies the packaged skill into six home-directory AI-agent skill directories including ~/.claude/skills, ~/.codex/skills, ~/.cursor/skills, ~/.devin/skills.
- bin/cli.js performs broad unconsented mutation of foreign agent control surfaces during npm install.
- No network code or endpoints found in inspected source beyond documentation links.
- No credential harvesting, obfuscation, eval/vm/Function, dynamic require, or child_process use found in bin/cli.js.
- README documents the automatic skill installation behavior; payload is a local Perfetto analysis skill, not a remote download.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
bin/cli.jsView on unpkg · L10Package ships non-JavaScript build or shell helper files.
skill/scripts/parse_perfetto_pb.pyView on unpkg