AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The package has a broad, obfuscated runtime that handles Claude Code credentials and agent-extension state. Its npm postinstall is inert because both referenced shell scripts are missing from this tarball.
Decision evidence
public snapshot- `bin/power-claude-*.js` and `out/extension.js` are heavily obfuscated.
- `bin/power-claude-cli.js` decrypts and installs `data/runtime/engine.enc`.
- Runtime code references Claude credentials, settings, hooks, and token material.
- `package.json` enables invisible inbound AI-agent message watching by default.
- `package.json` documents optional lifecycle-hook registration in `~/.claude/settings.json`.
- The only npm `postinstall` targets are absent from the published package, so it exits without mutation.
- No packaged install script writes to a foreign AI-agent surface.
- Documented license traffic is package-aligned; observed Anthropic URLs support its Claude integration.
- Hook installation is described as command-palette opt-in with explicit consent.
- No concrete credential exfiltration, destructive command, or remote payload download was confirmed.
Source & flagged code
11 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/power-claude-proxy.jsView on unpkgPackage source references child process execution.
bin/power-claude-proxy.jsView on unpkg · L1Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
bin/power-claude-proxy.jsView on unpkg · L1Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
bin/power-claude-rotator.jsView on unpkg · L1Package source references dynamic require/import behavior.
bin/power-claude-rotator.jsView on unpkg · L1Package ships native binary artifacts.
data/vendor/jq/jq-darwin-amd64View on unpkgPackage ships high-entropy non-source blobs.
data/runtime/engine.encView on unpkgPackage contains source files above the static scanner size ceiling.
bin/power-claude-cli.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
bin/power-claude-cli.jsView on unpkg