AI Security Review
scanned 2h ago · by lpm-firewall-ai
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot
- setup.js user-invoked setup writes Claude MCP config with npx slashvibe-mcp@latest
- index.js/presence.js fetch remote guest messages and inject them into MCP responses
- tools/start.js can git fetch/pull ~/.vibe/vibe-repo on vibe_start
- config.js persists OAuth/session tokens under ~/.vibe
- package.json has no npm lifecycle hooks
- setup.js is reached via bin/TTY setup, not install-time execution
- Network calls target package-aligned slashvibe.dev APIs
- tools/_work-context.js uses execFileSync for git and redacts token/secret patterns
- tools/subscriptions.js sends stored token only as Authorization to configured API
Source & flagged code
7 flagged
- Package contains a critical-looking secret pattern. (tools/_work-context.test.js · L83)
- GitHub personal access token in tools/_work-context.test.js (tools/_work-context.test.js · L83)
- Source combines credential-like environment material and outbound requests; review data flow before blocking. (tools/subscriptions.js · L39)
- Package ships non-JavaScript build or shell helper files. (hooks/check-guest-messages.sh)
- This package version adds a dangerous source file absent from the previous stored version; route for source-aware review. (tools/start.js)
- GitHub personal access token in tools/_work-context.manual-test.js (tools/_work-context.manual-test.js · L77)