AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package has dual-use primitives for local profile storage, network sync, and Claude Code UI settings, but inspected flows are user-invoked and consent-gated rather than silent lifecycle behavior.
Decision evidence
public snapshot- package.json defines postinstall, but postinstall.js only prints an interactive notice and exits 0.
- install.js/statusline-install.js can modify ~/.claude/settings.json after typed "yes" consent and create backups.
- dist/bin/jpi-statusline-launch.js dynamically imports ~/.terminalhire/engine-path and can shell-run a preserved foreign statusLine.
- dist/bin/jpi-dispatch.js has network features for GitHub OAuth, terminalhire APIs, job indexes, and optional profile sync/lead submission.
- No install-time execution beyond print-only postinstall.js; install.js is not invoked by postinstall.
- Claude settings writes are user-invoked and consent-gated in install.js, statusline-install.js, and spinner --on.
- Lead/profile sync POSTs show explicit user consent flows before sending local profile fields.
- GitHub token is obtained via user-initiated device flow and stored encrypted under ~/.terminalhire.
- Network endpoints align with package purpose: job matching, GitHub auth/profile, chat/intro, and profile sync.
- No evidence of credential harvesting, hidden lifecycle payloads, destructive behavior, or unconsented AI-agent control mutation.
Source & flagged code
9 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
dist/bin/jpi-init.jsView on unpkgPackage source references child process execution.
dist/bin/jpi-init.jsView on unpkg · L7Package source references dynamic require/import behavior.
dist/bin/jpi-statusline-launch.jsView on unpkg · L28A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/bin/jpi-sync.jsView on unpkg · L1035Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/bin/jpi-sync.jsView on unpkg · L99Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/bin/jpi-dispatch.jsView on unpkg · L31