AI Security Review
scanned 15h ago · by lpm-firewall-aiNo confirmed malicious attack surface from static inspection. The install hook only re-signs the packaged binary; broader process spawning, network, auth, and plugin behavior appears runtime/user-invoked and package-aligned.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall or user-invoked CLI runtime
Impact
No confirmed unauthorized persistence, exfiltration, or agent control hijack
Mechanism
native CLI binary with codesign postinstall
Rationale
Static inspection confirms the flagged lifecycle script is limited to local codesigning of the shipped binary, while risky primitives in source maps are part of an AI CLI runtime and not install-time or unconsented foreign control-surface mutation. I found no concrete malicious behavior sufficient to block or warn.
Evidence
package.jsonbin/100xpromptbin/index.js.mapbin/parser.worker.js.mapbin/worker.js.map./bin/100xpromptGlobal.Path.data/auth.jsonGlobal.Path.data/pluginsGlobal.Path.data/swarm
Decision evidence
public snapshotAI called this Clean at 82.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json has postinstall lifecycle script
- bin/100xprompt is a Mach-O arm64 native executable
- source map includes user-invoked spawning/swarm features
Evidence against
- postinstall only runs codesign on ./bin/100xprompt and ignores failures
- no install-time writes to home/project AI-agent control surfaces found
- source maps show config/plugin writes under 100xprompt-owned paths
- network use appears package-aligned: update/model/plugin/CLI APIs
- no credential harvesting or exfiltration path confirmed
Behavioral surface
NoLicense
Source & flagged code
3 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgbin/100xpromptView file
•path = bin/100xprompt
kind = native_binary
sizeBytes = 113187520
magicHex = [redacted]
Medium
Findings
1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumShips Native Binarybin/100xprompt
LowScripts Present
LowNo License