AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/swarm/pentest.js` sends live auth-bypass, rate-limit, XSS, SQLi, and privilege probes when `execute` is true.
- `src/commands/swarm.js` exposes the live probes through explicit `swarm pentest --execute`; default is dry-run.
- `src/commands/mcp.js` explicitly writes `.vscode/mcp.json`, creating an MCP bridge to the package CLI.
- `src/session/wake/codex.js` can construct Codex resume calls with `--dangerously-bypass-approvals-and-sandbox` when explicitly requested.
- `src/legacy-cli.js` supports writing resolved GitHub secret values to an env-selected `SENTINELAYER_SECRET_SINK_FILE`.
- `package.json` has no `preinstall`, `install`, `postinstall`, or `prepare` lifecycle hook.
- All package binaries only invoke `runCli()`; no install-time or import-time payload executes.
- Pentest network activity requires explicit `--execute`, an approved target ID, verified status, host matching, and allowed policy paths/methods/scenarios.
- The MCP bridge and session-guide writes are explicit CLI commands, not automatic npm-install mutations.
- No `eval`, `Function`, VM use, native loader, or remote code download/execution was found in inspected source.
Source & flagged code
6 flagged · loading sourcePackage source references child process execution.
src/ingest/engine.jsView on unpkg · L1A single source file combines environment access, network access, and code or shell execution; review context before blocking.
src/legacy-cli.jsView on unpkg · L602Package source invokes a package manager install command at runtime.
src/agents/jules/tools/runtime-audit.jsView on unpkg · L84This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/commands/session.jsView on unpkg