AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. The package mutates Cursor agent configuration during npm postinstall by installing a project hook that can influence future agent replies. This is unconsented install-time modification of a broad AI-agent control surface.
Decision evidence
public snapshot- package.json runs postinstall: node install.js.
- install.js calls installSkillFiles during npm install.
- lib/copy.mjs copies templates/.cursor/hooks into project .cursor/hooks and merges .cursor/hooks.json.
- templates/.cursor/hooks.json registers postToolUse Write hook.
- resuggestor-post-canvas-write.sh injects additional_context into Cursor after matching Write operations.
- No credential harvesting or exfiltration found in install path.
- GitLab token handling is prompted/user-configured and used for GitLab API calls.
- chrome-devtools-mcp global install is interactive configure-time, not automatic postinstall.
Source & flagged code
7 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source invokes a package manager install command at runtime.
lib/mcp.mjsView on unpkg · L2Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
templates/.cursor/hooks/resuggestor-post-canvas-write.shView on unpkgPackage ships non-JavaScript build or shell helper files.
templates/.cursor/hooks/resuggestor-post-canvas-write.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
lib/paths.mjsView on unpkg