AI Security Review
scanned 6d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- bin/run.mjs is a CLI bin that writes .opencode/, scripts/, boveda/, AGENTS.md and AGENTS.md.bak into the caller project.
- bin/run.mjs runs npm install @sentropic/graphify and npx graphify commands at explicit CLI runtime.
- template/.opencode/plugins/context-loader.js installs an OpenCode tool.execute.before hook that mutates future shell commands.
- template/.opencode/plugins/context-loader.js builds execSync command with unescaped task text inside shell quotes.
- package.json has no preinstall/install/postinstall lifecycle hooks.
- No credential exfiltration, destructive deletion, persistence outside project files, or hardcoded network exfil endpoint found.
- AI-agent control-surface writes happen from explicit npx youmindag CLI use, not unconsented install-time execution.
- Template files are package-aligned context/knowledge-vault tooling rather than covert payloads.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/run.mjsView on unpkgPackage source invokes a package manager install command at runtime.
bin/run.mjsView on unpkg · L2