AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Install-time script mutates first-party package state and creates/updates 100xprompt user config. This is package-aligned but still an install lifecycle risk because it writes outside the package directory during npm install.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall or user running 100xprompt
Impact
Creates default 100xprompt config and normalizes executable/signing state for bundled platform binary; no confirmed exfiltration or remote code execution in inspected source.
Mechanism
first-party CLI binary setup plus package-owned config creation
Rationale
The package has install-time home config mutation and binary preparation, so warn under first-party agent/CLI lifecycle risk. Source inspection did not find concrete malicious behavior such as exfiltration, destructive actions, remote code loading, or foreign control-surface hijack.
Evidence
package.jsonpostinstall.mjsbin/100xprompt.jsbin/100xprompt$XDG_CONFIG_HOME/100xprompt/100xprompt.json~/.100xprompt/100xprompt.json/dev/tty
Decision evidence
public snapshotAI called this Suspicious at 78.0% confidence as Benign with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: bun/node ./postinstall.mjs
- postinstall.mjs writes or merges package-owned config at $XDG_CONFIG_HOME/100xprompt/100xprompt.json or ~/.100xprompt/100xprompt.json
- postinstall.mjs chmods, symlinks/copies platform binary, and runs macOS codesign on that binary
- bin/100xprompt.js spawns the selected @100xprompt platform binary with inherited env
Evidence against
- No fetch/http client or network execution found in package source
- No credential, token, SSH, or broad home-directory harvesting found
- No eval/vm/Function or remote payload loader found
- Postinstall changes are package-aligned binary setup and first-party config defaults
- Only inspected files are package.json, postinstall.mjs, and bin/100xprompt.js
Behavioral surface
ChildProcessEnvironmentVarsFilesystemShell
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = bun ./postinstall.mjs || node ./postinstall.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = bun ./postinstall.mjs || node ./postinstall.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License