AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/proofloopHooks.js` explicitly installs Claude Code hooks and rewrites `<root>/.claude/settings.json`.
- Installed PostToolUse hook captures all tool calls and appends redacted parameters under `<root>/.proofloop/tooluse/`.
- `dist/gate.js` executes configured gate commands with `spawnSync(..., { shell: true })`; command content is user/project-configured.
- `dist/proofloopCi.js` explicitly writes `<root>/.github/workflows/proofloop-gate.yml`.
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- CLI dispatch requires explicit `hooks install`, `ci install github`, or gate invocation.
- No runtime network client/API or external network endpoint appears in `dist/`.
- Hook logger redacts credential-like keys before local JSONL writes.
- Uninstall removes only Proof Loop hook entries and `<root>/.proofloop/hooks`.
Source & flagged code
3 flagged · loading source`dist/proofloopHooks.js` explicitly installs Claude Code hooks and rewrites `<root>/.claude/settings.json`.
dist/proofloopHooks.jsView on unpkg`dist/gate.js` executes configured gate commands with `spawnSync(..., { shell: true })`; command content is user/project-configured.
dist/gate.jsView on unpkg`dist/proofloopCi.js` explicitly writes `<root>/.github/workflows/proofloop-gate.yml`.
dist/proofloopCi.jsView on unpkg