AI Security Review
scanned 5h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- src/compiler/docs.ts defines AI helper pointer files for CLAUDE.md, AGENTS.md, .cursor/rules/toiljs.mdc, and .github/copilot-instructions.md.
- src/cli/create.ts selects AI helper files by default for `toiljs create`, but exposes `--no-ai` and an interactive None option.
- src/compiler/plugin.ts includes a dev-only AI proxy reading configured API-key env vars and posting prompts to OpenAI/Anthropic/custom endpoints.
- package.json has only prepublishOnly; no preinstall/install/postinstall lifecycle execution.
- AI helper contents are framework documentation pointers to .toil/docs, not prompt-injection, credential access, or command instructions.
- src/compiler/plugin.ts dev endpoints reject cross-site requests and constrain file access to the project root via realpath checks.
- src/cli/proc.ts child_process usage supports explicit CLI actions such as create/update/install/git, not import-time execution.
- Network usage is package-aligned: update checks, dev AI proxy, local dev proxy/WebSocket, and configured email sending.
- No evidence of credential harvesting, stealth persistence, destructive behavior, or remote payload loading at install/import time.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
tests/data-parity/generated-parity.tsView on unpkg · L9Package source references dynamic require/import behavior.
tests/data-parity/generated-parity.tsView on unpkg · L60A single source file combines environment access, network access, and code or shell execution; review context before blocking.
build/compiler/plugin.jsView on unpkg · L1This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
build/compiler/index.jsView on unpkg