AI Security Review
scanned 11d ago · by lpm-firewall-aiNo confirmed malicious install-time or import-time attack surface. The package is an agent-oriented code search tool with explicit init-time integration into Claude/Codex/MCP surfaces, but the npm lifecycle hook is only a banner.
Decision evidence
public snapshot- scripts/init.js user-invoked setup can write CLAUDE.md, .claude hooks/skills/rules, optional .codex hooks, and optional .mcp.json
- scripts/init.js default Claude SessionStart hook launches package search daemon from project-local relative path after explicit `sweet-search init`
- package.json postinstall only runs scripts/postinstall-banner.js, which prints a banner and does not write agent config
- scripts/inject-agent-instructions.js uses bounded marker blocks and preserves user content outside markers
- scripts/install-mcp-server.js only writes project .mcp.json when `--mcp` is passed
- scripts/install-tool-enforcement.js strict Grep deny is off by default and requires `--enforce-tools`
- core/infrastructure/config/embedding.js defaults to local embeddings; remote API endpoints require explicit env/provider opt-in
- mcp/server.js and mcp/tool-handlers.js expose package-aligned code search/index/read tools for the selected project root
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgPackage source references dynamic require/import behavior.
crates/wasm-router/pkg/query_router_wasm.jsView on unpkg · L266Package source executes code through a VM context API.
core/indexing/index-codebase-v21.jsView on unpkg · L35Package source references weak cryptographic algorithms.
core/search/search-fusion.jsView on unpkg · L41Package ships WebAssembly modules.
crates/wasm-router/pkg/query_router_wasm_bg.wasmView on unpkg