AI Security Review
scanned 5h ago · by lpm-firewall-aiNo confirmed malicious install-time or import-time attack surface. Runtime capabilities are explicit features of an AI CLI, including optional Google OAuth discovery and user-configured MCP commands.
Decision evidence
public snapshot- `dist/index.js` scans `client_secret_*.json` in Downloads when `/google auth` lacks configured credentials.
- `dist/index.js` supports explicit `/mcp add <name> <command>` configuration and connects configured stdio MCP servers.
- `dist/index.js` exposes package-owned file-write, edit, shell, and web-fetch agent tools.
- `package.json` preinstall only checks Node major version; postinstall only chmods `dist/index.js`.
- No lifecycle hook executes the bundled CLI, reads credentials, contacts a network endpoint, or writes external agent configuration.
- Google file discovery is only reached by the user-invoked `/google auth` command.
- The discovered OAuth credentials are used for documented Google OAuth/token endpoints, not a package-controlled collector.
- MCP commands require explicit interactive `/mcp add` or configured `autoLoad`; no `.claude`, `.cursor`, or `.codex` mutation was found.
Source & flagged code
8 flagged · loading sourceInstall-time lifecycle script matches a deterministic static-gate block pattern.
package.jsonView on unpkgPackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution with blocking evidence.
dist/index.jsView on unpkg · L14A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/index.jsView on unpkg · L14Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L14Package source references dynamic require/import behavior.
dist/index.jsView on unpkg · L2