AI Security Review
scanned 4h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- dist/index.js exposes explicit `init-harness` command that imports dist/harness-init.js.
- dist/harness-init.js copies Claude hooks/skill and Cursor rule into project .claude/.cursor paths.
- harness/claude/settings.snippet.json configures PostToolUse and Stop hooks.
- harness/claude/hooks/visionaire_gate.sh can block agent turn completion until verification marker exists.
- package.json has no preinstall/install/postinstall lifecycle scripts.
- Harness setup is user-invoked via `visionaire-engine init-harness`, not install-time mutation.
- dist/harness-init.js is non-destructive: skips existing files unless --force and never modifies existing .claude/settings.json.
- No credential harvesting or exfiltration endpoints found; fetch usage is for user/page-supplied resources.
- dist/types.js Unicode controls are inside a regex/comment for sanitizing page text, not Trojan Source control flow.
Source & flagged code
3 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/types.jsView on unpkg · L29A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/types.jsView on unpkgPackage ships non-JavaScript build or shell helper files.
harness/claude/hooks/visionaire_gate.shView on unpkg