AI Security Review
scanned 1d ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Running `npx youmindag` modifies the current project by copying an OpenCode plugin/config, scripts, documentation, and `AGENTS.md`. The installed plugin activates automatically in OpenCode and modifies agent task/tool context while recording local session metadata. No confirmed exfiltration or remote payload execution was found.
Decision evidence
public snapshot- `bin/run.mjs` explicitly installs a persistent `.opencode` configuration and plugin into the target project.
- `template/.opencode/plugins/context-loader.js` runs on OpenCode chat/tool hooks, reinjects context, and logs message/tool metadata locally.
- `bin/run.mjs` overwrites or backs up `AGENTS.md`, installs scripts, and can install a `post-merge` Git hook on explicit `sync --hook`.
- `bin/run.mjs` invokes `npm install @sentropic/graphify` during the explicit default CLI install flow.
- `package.json` has no preinstall, install, postinstall, prepare, or other lifecycle scripts.
- No fixed network, webhook, credential-exfiltration, or remote-payload endpoint exists in inspected source.
- `context-loader.js` writes only project-local `.youmindag` state/log files and calls local `graphify`/checkpoint commands.
- Destructive operations and dev/database commands are explicit subcommands, not import-time behavior.
Source & flagged code
3 flagged · loading sourceThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/run.mjsView on unpkgPackage source invokes a package manager install command at runtime.
bin/run.mjsView on unpkg · L2