AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- cli.js setup writes Claude Desktop mcpServers.tapmarket config for explicit user-command agent integration.
- server.js exposes MCP hire_specialist that can spend wallet funds on TapMarket listings and call remote specialist endpoints.
- server.js sends TAP_SERVICE_TOKEN as Authorization to package-aligned tappayment.io specialist services when hire_specialist is invoked.
- init-lib.js creates local owner/session keys and stores wallet JSON under user-controlled path.
- package.json has no preinstall/install/postinstall lifecycle hooks.
- Claude config mutation is only under explicit `tapmarket-connect setup`, not install/import time.
- No source sends wallet ownerKey/sessionApproval or broad environment variables to a remote endpoint.
- Network endpoints are aligned with stated TapMarket/Base Sepolia functionality.
- No eval/vm/Function or remote code loading found.
Source & flagged code
4 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
server.jsView on unpkg · L19A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
server.jsView on unpkg · L19Tarball package.json differs from the npm registry version manifest for scripts or dependency sets.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dashboard.jsView on unpkg