AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM blocks this version under the AI-agent control-surface policy. An npm `postinstall` modifies global Claude Code and Codex agent-skill directories without an explicit setup command. The dropped skill has auto-invocation rules and directs agent browser activity through this package.
Decision evidence
public snapshot- `package.json` runs `scripts/install-skill.js` in `postinstall`.
- Installer unconditionally writes `SKILL.md` into `~/.claude/skills/ttj-skills-browser`.
- Installer also writes a converted skill into `~/.agents/skills/ttj-skills-browser`.
- Dropped skill enables automatic invocation and directs AI browser work through this package.
- `dist/browser.js` auto-installs `ttj-skills-browser@latest` when its CLI later detects an update.
- No source path harvests credentials or environment secrets.
- No confirmed exfiltration endpoint beyond npm update checks.
- CDP browser actions require explicit CLI/skill activation at runtime.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/utils.jsView on unpkg · L5Install-time source drops package-supplied AI-agent/MCP control files or instructions.
scripts/install-skill.jsView on unpkg · L14This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/browser.jsView on unpkg