AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. Installing the npm package triggers an opaque CLI command that mutates multiple home-directory AI-agent skill surfaces. It installs bundled implicitly invokable skills without an explicit user command.
Decision evidence
public snapshot- `package.json` postinstall silently runs `dist/cli.js setup-skills`.
- `dist/cli.js` resolves the home directory and targets multiple AI-tool skill locations, including `.cursor/skills`.
- `dist/cli.js` recursively copies/symlinks bundled skills into those locations and removes matching `sppt-` entries.
- Bundled `agents/openai.yaml` files enable implicit invocation for installed skills.
- `dist/skills/README.md` and `dist/skills/sppt/SKILL.md` document `setup-skills` and uninstall behavior.
- Setup code limits cleanup to its `sppt-` prefix and sources content from bundled `dist/skills`.
- No credential harvesting, remote payload download, or exfiltration was confirmed in the inspected setup path.
Source & flagged code
5 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references a known benign dynamic code generation pattern.
dist/dashboard-ui/assets/index-CSE-Rlo8.jsView on unpkg · L467Package contains source files above the static scanner size ceiling.
dist/cli.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.jsView on unpkg