AI Security Review
scanned 18h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The lifecycle hook re-signs the package-owned native binary only; broader shell/network/agent features appear runtime CLI behavior.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; user-invoked CLI runtime
Impact
install-time mutation limited to bin/100xprompt; runtime capabilities require user CLI invocation
Mechanism
package-owned binary codesign and interactive CLI agent features
Rationale
The suspicious primitives are package-aligned: a platform native binary and a postinstall codesign step limited to that binary. I did not find unconsented lifecycle mutation of foreign agent control surfaces, credential harvesting, persistence, or install-time exfiltration.
Evidence
package.jsonbin/100xpromptbin/index.js.mapbin/worker.js.mapbin/parser.worker.js.map./bin/100xprompt
Network endpoints1
opncd.ai/s/
Decision evidence
public snapshotAI called this Clean at 82.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json has postinstall lifecycle hook.
- Package ships large Mach-O x86_64 binary at bin/100xprompt.
- Source maps show user-invoked agent/CLI capabilities including shell, git, sessions, web server, and MCP/ACP integration.
Evidence against
- postinstall only runs codesign remove/sign commands against ./bin/100xprompt and ignores failures.
- No install-time writes to home/project AI-agent control surfaces found in package.json.
- otool shows only system dylib dependencies for bin/100xprompt.
- Source maps align with a 100xprompt CLI, with commands activated by runtime user actions.
- No credential harvesting or install-time network endpoints identified.
Behavioral surface
NoLicense
Source & flagged code
3 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgbin/100xpromptView file
•path = bin/100xprompt
kind = native_binary
sizeBytes = 117454928
magicHex = [redacted]
Medium
Findings
1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumShips Native Binarybin/100xprompt
LowScripts Present
LowNo License