AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/tool-server.js` auto-runs `main()` on import.
- CLI accepts an arbitrary server URL and connects via Socket.IO.
- Remote socket events can request reads and edits using absolute paths.
- `Execute_commmand_host_machine` runs supplied commands through `bash -lc`.
- Startup globally sets Git `safe.directory` to `*`, with a sudo fallback.
- `package.json` has only `prepare: tsc`; no preinstall/install/postinstall hook.
- Remote access begins only when the CLI/import is run with controller arguments.
- Observed GitHub traffic is package-aligned (`api.github.com`) using supplied PAT.
- No hidden endpoint, encoded payload, eval, dynamic loader, or self-propagation found.
Source & flagged code
2 flagged · loading sourcePackage declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/githubOperationsHanlder.jsView on unpkg