AI Security Review
scanned 2h ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `dist/cli.js` explicitly accepts a curl target or OpenAPI URL and executes generated payloads.
- `dist/executor/runner.js` sends HTTP requests with supplied endpoint headers/body.
- `dist/analyzer/cli-provider.js` invokes installed Claude, Gemini, or Codex CLIs via `execFile`.
- `dist/analyzer/openai-compat.js` uses configured OpenAI-compatible API access.
- `package.json` has no install, postinstall, or preinstall lifecycle hook.
- `dist/cli.js` requires an explicit user CLI invocation and target input.
- `dist/executor/public-target.js` rejects private/non-global targets unless `--allow-private` is supplied.
- `dist/analyzer/cli-provider.js` uses temporary directories, filtered environment variables, and cleanup; Codex is read-only/ephemeral with tools disabled.
- `dist/reporter/json.js` and `dist/security/redaction.js` redact report values before writing.
Source & flagged code
4 flagged · loading source`dist/cli.js` explicitly accepts a curl target or OpenAPI URL and executes generated payloads.
dist/cli.jsView on unpkg`dist/executor/runner.js` sends HTTP requests with supplied endpoint headers/body.
dist/executor/runner.jsView on unpkg`dist/analyzer/cli-provider.js` invokes installed Claude, Gemini, or Codex CLIs via `execFile`.
dist/analyzer/cli-provider.jsView on unpkg`dist/analyzer/openai-compat.js` uses configured OpenAI-compatible API access.
dist/analyzer/openai-compat.jsView on unpkg