AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Install-time code mutates a package-owned binary and package-owned user configuration. No confirmed credential collection, network exfiltration, foreign agent-control mutation, or destructive behavior appears in inspected source.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall; later explicit 100xprompt CLI invocation.
Impact
The installer can execute macOS codesign and write package-owned configuration; native platform binaries are delegated to optional packages not present in this source tree.
Mechanism
Platform-binary normalization/signing plus first-party config initialization.
Rationale
Source inspection does not establish malicious behavior. The postinstall hook performs package-owned agent setup and native binary mutation, which warrants a lifecycle-risk warning under the stated policy.
Evidence
package.jsonpostinstall.mjsbin/100xprompt.jsbin/100xprompt~/.config/100xprompt/100xprompt.json~/.100xprompt/100xprompt.json
Decision evidence
public snapshotAI called this Suspicious at 88.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- package.json runs postinstall.mjs during npm install.
- postinstall.mjs modifies a platform binary: chmod, macOS re-signing, then symlink/copy.
- postinstall.mjs creates or updates first-party config under ~/.config/100xprompt or ~/.100xprompt.
Evidence against
- No HTTP client, fetch, socket, or upload code appears in the inspected source.
- Config writes target only the package's 100xprompt namespace, not other AI-agent configs.
- bin/100xprompt.js only resolves and spawns the selected platform binary with inherited stdio.
Behavioral surface
ChildProcessEnvironmentVarsFilesystemShell
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = bun ./postinstall.mjs || node ./postinstall.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = bun ./postinstall.mjs || node ./postinstall.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License