AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `Toolkit.create()` enables built-in tools by default.
- `src/builtin.ts` exposes shell execution, file writes/deletes, and web fetch tools.
- `src/client.ts` automatically executes model-requested tools in its agent loop.
- `src/http.ts` expands configured environment variables into outbound request headers.
- `package.json` has no preinstall, install, or postinstall hook.
- No hard-coded third-party endpoint, credential harvesting, or covert exfiltration was found.
- Imports only export library modules; no import-time execution was found.
- No binaries, eval/vm use, persistence hook, or AI-agent configuration mutation was found.
Source & flagged code
3 flagged · loading source`src/builtin.ts` exposes shell execution, file writes/deletes, and web fetch tools.
src/builtin.tsView on unpkg`src/client.ts` automatically executes model-requested tools in its agent loop.
src/client.tsView on unpkg`src/http.ts` expands configured environment variables into outbound request headers.
src/http.tsView on unpkg