AI Security Review
scanned 2h ago · by lpm-firewall-ai

LPM treats this as a warn-only, first-party agent-extension lifecycle risk. No unconsented install-time attack was confirmed. The package has guarded agent-extension behavior: user-invoked setup can modify Claude Code settings and selected MCP host configs, and runtime CLI commands call terminalhire/GitHub APIs.
Decision evidence
public snapshot
- install.js can write ~/.claude/settings.json spinnerVerbs/spinnerTipsOverride after a typed yes.
- statusline-install.js can copy ~/.terminalhire/statusline-launch.js and set ~/.claude/settings.json statusLine after a typed yes.
- dist/bin/mcp-config.js can merge the terminalhire MCP server into ~/.cursor/mcp.json or ~/.gemini/settings.json after a per-host prompt.
- dist/bin/jpi-statusline-launch.js chains a saved foreign statusLine via shell spawnSync.
- dist/bin/jpi-refresh.js reads local profile/project signals and calls terminalhire.com APIs.
- package.json postinstall only runs postinstall.js; postinstall.js prints instructions and performs no writes or network calls.
- install.js/statusline-install.js have isMain guards and typed consent before settings writes.
- MCP setup is user-invoked through terminalhire init and skips non-interactive stdin.
- MCP server in dist/bin/jpi-mcp.js exposes read-only local cache tools, not command execution.
- Network endpoints are package-aligned and documented: terminalhire.com and api.github.com.
Source & flagged code
12 flagged
- Package defines install-time lifecycle scripts.
- package.json: Install-time lifecycle script is not statically allowlisted and needs review.
- package.json: Package source references child process execution.
- dist/bin/jpi-chat.js (L5088): Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
- dist/bin/jpi-chat.js (L128): This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
- dist/bin/jpi-dispatch.js: Package source references a known benign dynamic code generation pattern.
- dist/bin/jpi-dispatch.js (L25856): Package source references dynamic require/import behavior.
- dist/bin/jpi-init.js (L347): A single source file combines environment access, network access, and code or shell execution; review context before blocking.
- dist/bin/jpi.js (L5): Source collects local host identity data and sends it to an external endpoint.
- dist/bin/jpi-refresh.js (L60): Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
- dist/bin/jpi-sync.js (L128)