AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The main risk is install-time setup of a first-party Pi/browser automation extension and native messaging bridge. No confirmed malicious exfiltration, persistence beyond product setup, or remote payload execution was found.
Decision evidence
public snapshot- package.json runs postinstall: node scripts/pi-postinstall.mjs.
- scripts/pi-postinstall.mjs spawns bin/pire-browser.js setup during npm install.
- bin/pire-browser.js can mutate Pi settings under ~/.pi/agent/settings.json or project .pi/settings.json via explicit pi repair.
- scripts/pi-install-migration.mjs removes legacy pire-browser Pi registrations and extension shims only when npm:pire-browser is present.
- No obfuscated code or hidden remote payload loader found in inspected entrypoints.
- Network references are package-aligned: npm registry update checks and GitHub repo metadata/legacy source matching.
- Child_process use launches package native binary, npm update commands, or Pi migration helper, not arbitrary downloaded code.
- Extension eval/fetch/proxy/auth features are user-invoked browser automation capabilities with redaction logic, not install-time exfiltration.
- Postinstall failures are nonfatal and PIRE_BROWSER_SKIP_POSTINSTALL disables setup.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage contains a possible secret pattern.
extension/dist/background.jsView on unpkg · L21This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/pire-browser.jsView on unpkgPackage source references child process execution.
bin/pire-browser.jsView on unpkg · L1Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
scripts/pi-postinstall.mjsView on unpkg · L2