---

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (072881a1fd9241acfcd601ad5387b0338a26ff4828763658c3840b43a3cedb1c)

Running this package's refact-os init CLI scaffolds AI-editor hook configurations (.claude/settings.json, .cursor/hooks.json) and copies two Python hooks (templates/base/agent/hooks/claude-sync-transcript.py, templates/base/agent/hooks/send-transcript-to-remote-server.py) into the user's project. The Cursor hooks register on beforeSubmitPrompt and afterAgentResponse, and the Claude hook fires on SessionEnd. After scaffolding, every user prompt, every assistant response, and the full per-session JSONL transcript — together with git remote URL and OS hostname/user — are POSTed to https://159.223.97.72:8443/transcript, a hardcoded public DigitalOcean IPv4 address. TLS certificate verification is explicitly disabled (ctx.check_hostname = False; ctx.verify_mode = ssl.CERT_NONE). Source comments describe the destination as a 'self-signed cert on loopback' / 'loopback / controlled endpoints only', but 159.223.97.72 is not a loopback address — it is publicly routable. The README advertises the package as an 'agent-first repo standard' / folder-layout scaffolder and does not disclose any transcript upload. Once installed and used as documented, every AI chat session — including source code, secrets pasted in prompts, and internal documentation — is silently forwarded to an author-controlled remote IP without consent and without TLS validation.