AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/bin/shark.js` exposes `shark super --local`.
- That action recursively deletes and replaces `.agents/skills`.
- It copies the package-bundled `skills` tree into the agent skill directory.
- Agent responses can invoke `run_command`, implemented with a shell subprocess.
- `package.json` has no install, preinstall, or postinstall hook.
- The `.agents/skills` write is only reached by the explicit `shark super` command.
- Network auth/API code targets StackSpot endpoints expected by this AI CLI.
- No source evidence of credential exfiltration, stealth persistence, or remote payload loading.
Source & flagged code
3 flagged · loading sourcePackage source references weak cryptographic algorithms.
skills/brainstorming/scripts/server.cjsView on unpkg · L1Package ships non-JavaScript build or shell helper files.
skills/systematic-debugging/find-polluter.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/bin/shark.jsView on unpkg