AI Security Review
scanned 14d ago · by lpm-firewall-aiThe package is a highly privileged Claude Code/VS Code integration that can mutate Claude settings, hooks, extension files, and active Claude OAuth credentials. Obfuscation plus a broken/missing postinstall target leaves unresolved supply-chain risk, but source inspection did not confirm exfiltration or a working install-time attack.
Decision evidence
public snapshot- bin/power-claude-cli.js, bin/power-claude-proxy.js, and bin/power-claude-rotator.js are heavily obfuscated bundled executables.
- package.json declares postinstall "bash scripts/release/merge-drivers/register.sh", but that file is absent from the extracted package.
- scripts/hooks/rate-limit/handler.sh copies selected profiles into ~/.claude/.credentials.json to rotate Claude credentials.
- scripts/lib/link-account.sh reads OAuth tokens from ~/.claude/.credentials.json and calls https://api.anthropic.com/api/oauth/profile.
- Multiple scripts patch Claude Code/VS Code extension files and ~/.claude/settings.json hooks.
- No confirmed install-time payload was readable because the declared postinstall target is missing from the package.
- Credential handling and local proxying align with the package's stated Claude account-rotation purpose.
- Network evidence is primarily local proxy endpoints, api.anthropic.com, and the vendor site neural-llm.com.
- No direct evidence found of sending Claude tokens to an unrelated third-party host.
Source & flagged code
9 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
bin/power-claude-rotator.jsView on unpkg · L1Package source references dynamic require/import behavior.
bin/power-claude-rotator.jsView on unpkg · L1Package ships native binary artifacts.
data/vendor/jq/jq-darwin-amd64View on unpkgPackage ships non-JavaScript build or shell helper files.
scripts/emergency/uninstall.shView on unpkgPackage contains source files above the static scanner size ceiling.
bin/power-claude-cli.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
bin/power-claude-cli.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
bin/power-claude-proxy.jsView on unpkg