AI Security Review
scanned 3h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/pi-outpost.mjs` exposes coding-agent read, write, and optional bash tools through a web UI.
- `dist/pi-outpost.mjs` loads configured extensions and can enable file mutation within a configured sandbox.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- The CLI defaults to `127.0.0.1:3141`; no package-specific external exfiltration endpoint was confirmed.
- `dist/pi-outpost.mjs` confines file tools to `sandbox.root` and gates writes on `sandbox.allowWrite`.
- The flagged Unicode asset is a large bundled browser/LSP dependency chunk; no concealed attack chain was found.
Source & flagged code
4 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/web/assets/chunk-KEIR6QF5-BfrZ3jm6.jsView on unpkg · L46Package ships high-entropy non-source blobs.
dist/web/assets/KaTeX_Script-Regular-D3wIWfF6.woff2View on unpkgPackage contains source files above the static scanner size ceiling.
dist/pi-outpost.mjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/pi-outpost.mjsView on unpkg