AI Security Review
scanned 3h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Lifecycle behavior is non-clean because install scripts write first-party Wyrm state under ~/.wyrm and may patch node-gyp build metadata on Termux. The broader AI-agent control surface writes exist, but are behind explicit Wyrm setup/CLI commands rather than npm install.
Decision evidence
public snapshot- package.json defines preinstall and postinstall lifecycle scripts.
- scripts/postinstall.cjs creates ~/.wyrm and writes bundled-skills.json plus .first-install-shown during install.
- scripts/preinstall.cjs can patch node-gyp common.gypi on Android/Termux hosts.
- dist/autoconfig.js can write MCP configs and Claude hooks/statusline, including ~/.claude/settings.json, but via wyrm-setup/wyrm CLI.
- dist/handlers/companion.js contains confirmed self-update path running npm install -g wyrm-mcp@latest only after confirm:true.
- No install-time writes to Claude/Cursor/Codex foreign AI control surfaces were found.
- Postinstall writes only Wyrm's own ~/.wyrm namespace and displays setup instructions.
- AI client config and Claude hook mutations are user-invoked through setup/CLI commands.
- Cloud/network code is package-aligned to Wyrm sync/backup endpoints and local Ollama.
- No credential harvesting, hidden exfiltration, destructive logic, or remote code execution was confirmed.
Source & flagged code
10 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/wyrm-cli.jsView on unpkgPackage source invokes a package manager install command at runtime.
dist/wyrm-cli.jsView on unpkg · L1622Package source references dynamic require/import behavior.
dist/wyrm-cli.jsView on unpkg · L581Package source references weak cryptographic algorithms.
dist/harvest.jsView on unpkg · L18A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/wyrm-ui.jsView on unpkg · L18