AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Installation silently invokes an agent-skill setup command. The CLI copies this package's bundled skill directories into Claude Code's user skill directory, enabling package-defined workflows to be discovered by an agent.
Decision evidence
public snapshot- `package.json` runs `dist/cli.js setup-skills` automatically in `postinstall`.
- `dist/cli.js` copies bundled skills into `~/.claude/skills` using filesystem operations.
- Bundled `agents/openai.yaml` files permit implicit agent invocation.
- The setup routine copies the package's own `dist/skills` directory; no foreign agent-control files were identified.
- No source evidence of credential harvesting, shell payload download, or install-time network exfiltration.
- Observed service endpoints support the documented commerce CLI and its cloud onboarding.
Source & flagged code
5 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references a known benign dynamic code generation pattern.
dist/dashboard-ui/assets/index-ChYTl53S.jsView on unpkg · L467Package contains source files above the static scanner size ceiling.
dist/cli.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.jsView on unpkg