AI Security Review
scanned 11d ago · by lpm-firewall-aiNo confirmed malicious attack surface. Risky primitives are aligned with an AI-harness lint/test tool and require explicit CLI, CI action, or installed hook invocation.
Decision evidence
public snapshot- Ships AI-agent hooks/skills and CLI code that can write harness configs when user runs init/compile.
- dist/run-hook.js can spawn shell commands for user-supplied hook tests; default behavior is user-invoked test/runtime functionality.
- action.yml uses npx to run vigiles@version in GitHub Actions, package-aligned CI behavior.
- package.json has no install/preinstall/postinstall/prepare lifecycle scripts.
- Main export dist/core/spec.js only exposes spec builder functions; no import-time network, shell, or file mutation.
- dist/cli.js writes generated specs, hooks, configs, and devDependency only in explicit CLI commands.
- dist/hook-install.js preserves existing hooks and merges compiled vigiles hook entries by path.
- hooks/*.sh run npx vigiles commands only when installed as agent hooks and triggered by project edits/session events.
- No credential harvesting or hardcoded exfiltration endpoint found in inspected source.
Source & flagged code
5 flagged · loading sourcePackage source references child process execution.
dist/dialect-drift.jsView on unpkg · L47Package source references dynamic require/import behavior.
dist/eval-baseline.jsView on unpkg · L26This package version adds a dangerous source file absent from the previous stored version.
dist/cli.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/cli.jsView on unpkg · L121Package ships non-JavaScript build or shell helper files.
hooks/post-edit.shView on unpkg