AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `setup-mcp` explicitly writes MCP entries for multiple AI-agent config files.
- `agents.js` includes user-home targets such as Copilot, Gemini, Cline, and project Codex configs.
- `managed-server.js` can download, extract, persist, and later execute a managed MCP binary.
- `proxyConfigure` executes that managed binary only through an explicit configure command.
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- CLI entrypoint parses user commands; package-root library entry is documented/exported side-effect free.
- Agent-config writes require explicit `setup-mcp <agent-id>` invocation.
- Default managed-server release download verifies SHA-256 before extraction; download routine does not launch the binary.
- Observed network use is update checking, cloud/MCP requests, or explicit server download.
Source & flagged code
1 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/utils/managed-server.jsView on unpkg