AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `src/commands/oacb.js` downloads executable hook scripts from a pinned GitHub ref and writes them to `~/.claude/hooks` or `~/.codex/hooks`.
- `src/commands/oacb.js` merges remote baseline policy into `~/.claude/settings.json` or `~/.codex/config.toml`.
- `src/commands/discover.js` downloads a script from an unpinned `main` URL and executes it with Bash or PowerShell.
- The discovery flow can run under `sudo`, making fetched script execution higher impact.
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- `src/index.js` only registers commands; no OACB/discovery action runs on import or npm installation.
- OACB mutation requires explicit `unbound oacb apply`; it offers prompts, dry-run/preview, and blocking-tier warnings.
- No inspected code showed covert credential harvesting, command-output exfiltration, or hidden persistence.
Source & flagged code
5 flagged · loading sourceSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
src/toolHealth.jsView on unpkg · L18Source executes local commands and sends command output to an external endpoint.
src/commands/oacb.jsView on unpkg · L5A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
src/commands/oacb.jsView on unpkg · L5Package ships non-JavaScript build or shell helper files.
scripts/verify-nuke-ubuntu.shView on unpkg