AI Security Review
scanned 2d ago · by lpm-firewall-aiReview flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Decision evidence
public snapshot- `bin/run.mjs` copies a packaged OpenCode plugin into the invoking project’s `.opencode/`.
- `bin/run.mjs` overwrites `.opencode/opencode.json` and `AGENTS.md` after explicit `npx youmindag` use.
- `template/.opencode/plugins/context-loader.js` hooks agent tool events and injects command-prefix reminders while writing `.youmindag/plugin-state.json`.
- The CLI installs and executes `@sentropic/graphify` through `npm install` and `npx graphify`.
- `package.json` has no `preinstall`, `install`, or `postinstall` lifecycle hook.
- No package source calls HTTP/network APIs or contains a concrete exfiltration endpoint.
- The agent-control writes occur only in the user-invoked CLI path, not at install or import time.
- Inspected plugin behavior is project-local context/checkpoint automation rather than credential harvesting or payload delivery.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/run.mjsView on unpkgPackage source invokes a package manager install command at runtime.
bin/run.mjsView on unpkg · L2