AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. No confirmed malicious attack surface. The package includes an explicit Claude hook command that can gate configured prompt-deployment tools, while normal build operations write package-owned `.typeglish` artifacts.
Decision evidence
public snapshot- package.json: `prepare` runs `husky || true`, a lifecycle VCS-hook setup attempt.
- dist/cli.js: `claude-hook` can deny configured agent-tool writes when explicitly invoked.
- package.json has no preinstall/install/postinstall hook.
- dist/cli.js only writes build outputs and manifests under `.typeglish/` after explicit `build`.
- dist/cli.js hook reads stdin/files/env but contains no network or subprocess execution.
- dist/mcp.js exposes stdio MCP check/build tools; path mode writes only requested project artifacts.
- No bidi/invisible Unicode controls were found in distributed `.js` files.
- No runtime HTTP client calls were found in package code.
Source & flagged code
2 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/chunk-KRYC4OTL.jsView on unpkg · L246A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/chunk-KRYC4OTL.jsView on unpkg