AI Security Review
scanned 1d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- cli.js setup writes Claude Desktop mcpServers.tapmarket to run npx -y tapmarket-connect serve.
- server.js exposes MCP hire_specialist tool that can approve USDC and buy TapMarket packs via ZeroDev wallet.
- server.js sends hire_specialist input and buyer address to catalog endpoints with TAP_SERVICE_TOKEN/public fallback.
- server.js writes local hires.jsonl receipts after specialist calls.
- package.json has no install/preinstall/postinstall lifecycle scripts.
- Claude config mutation is only under explicit tapmarket-connect setup, not install/import time.
- init-lib.js generates wallet keys locally and stores them in ~/.tapmarket/wallet.json mode 0600.
- No child_process, eval, shell startup, VCS hook, daemon, or broad file harvesting found.
- Network endpoints are aligned with Base Sepolia, ZeroDev RPC, and TapMarket specialist service behavior.
Source & flagged code
3 flagged · loading sourceSource appears to send environment or credential material to an external endpoint.
server.jsView on unpkg · L17A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
server.jsView on unpkg · L17Tarball package.json differs from the npm registry version manifest for scripts or dependency sets.
package.jsonView on unpkg