AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `spec-cli/src/init.ts` invokes materialization after explicit `spex init`.
- `spec-cli/src/materialize.ts` creates agent contracts, hook shims, and Codex trust.
- `spec-cli/src/plugin-harness.ts` emits host-discovered plugin hooks.
- `spec-cli/hooks/dispatch.sh` processes Claude/Codex lifecycle hook payloads.
- `package.json` has a `postinstall` chmod operation on node-pty's helper.
- `postinstall` only chmods `node_modules/node-pty/prebuilds/*/spawn-helper`; it does not write agent config or contact a network.
- `spec-cli/bin/spex.mjs` runs only after the user invokes the `spex` binary.
- Agent-control writes are reached through explicit `spex init` or `spex materialize`, not install-time.
- No credential harvesting or external exfiltration endpoint was confirmed.
- `spec-cli/templates/spec/project/.config/core/idle/idle.sh` is a readable session-state handler, not an encoded payload.
Source & flagged code
9 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references child process execution.
spec-yatsu/src/scenariofresh.tsView on unpkg · L1Package source references weak cryptographic algorithms.
spec-cli/src/boardDelta.tsView on unpkg · L1A single source file combines environment access, network access, and code or shell execution; review context before blocking.
spec-forge/src/drivers/gitlab.tsView on unpkg · L4Package ships non-JavaScript build or shell helper files.
spec-cli/hooks/harness.shView on unpkgPackage hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
spec-cli/templates/spec/project/.config/core/idle/idle.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
spec-cli/src/cli.tsView on unpkg