AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a developer tool that installs a Claude Code harness into a project when explicitly run; install-time postinstall does not perform that mutation.
Decision evidence
public snapshot- scripts/install.js user-invoked install copies skills/agents/rules/hooks into project .claude/
- scripts/install.js merges package .claude/settings.json hook entries into project settings
- scripts/install.js can run npm view and git ls-remote/clone/pull against declared update sources
- package.json postinstall only runs scripts/install.js --post-install, which prints setup guidance and exits before project mutation
- scripts/install.js writes are aligned with package description as a Claude harness installer
- Hook scripts inspected are local guard/reminder/validation helpers, not credential harvesters or exfiltration code
- Network endpoints are package-aligned: npm registry lookup, GitHub repo update, ClickUp/Talos helpers requiring explicit user commands and env/local credentials
- No obfuscated payload, eval/Function, native binary loading, persistence outside documented harness files, or destructive behavior found
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/install.jsView on unpkg · L1Hardcoded password in rules/common/security.md
rules/common/security.mdView on unpkg · L62