registry  /  @100xprompt/cli-darwin-x64-baseline  /  0.1.2

@100xprompt/cli-darwin-x64-baseline@0.1.2

AI Security Review

scanned 15h ago · by lpm-firewall-ai

No confirmed malicious install-time or import-time attack surface. The package ships a native CLI for 100xprompt, and the only lifecycle action is local codesigning of its own binary.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; user-invoked CLI runtime
Impact
No confirmed unconsented persistence, exfiltration, destructive action, or foreign agent control-surface mutation
Mechanism
self-codesigning native CLI with user-invoked agent features
Rationale
Static inspection found a package-aligned native 100xprompt CLI with source maps and a postinstall codesign step limited to its own binary. The risky agent, network, subprocess, and detached-process features appear runtime/user-invoked rather than unconsented lifecycle mutation or malware behavior.
Evidence
package.jsonbin/100xpromptbin/index.js.mapbin/parser.worker.js.mapbin/worker.js.map~/.local/share/100xprompt~/.config/100xprompt~/.cache/100xprompt~/.local/state/100xprompt
Network endpoints7
api.100xprompt.aiapi.100xprompt.com/v1app.100xprompt.ai100xprompt.comapi.github.comapi.openai.com/v1api.anthropic.com/v1

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json postinstall runs macOS codesign on ./bin/100xprompt
  • bin/100xprompt is a 113MB Mach-O x86_64 native executable
  • Source maps show user-invoked agent/swarm commands can spawn panes or detached 100xprompt processes
Evidence against
  • No install hook executes the shipped CLI; postinstall only removes/signs local binary signature with || true
  • No lifecycle writes to foreign AI-agent surfaces such as CLAUDE.md, .mcp.json, Codex/Cursor settings, or home agent configs found
  • Network endpoints in source maps are package-aligned service/model/GitHub endpoints used by runtime CLI features
  • File writes shown are app-owned XDG 100xprompt data/config/cache/log paths or user-invoked runtime artifacts
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 0 file(s), 0 B of source

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
bin/100xpromptView file
path = bin/100xprompt kind = native_binary sizeBytes = 118274128 magicHex = [redacted]
Medium
Ships Native Binary

Package ships native binary artifacts.

bin/100xpromptView on unpkg

Findings

1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumShips Native Binarybin/100xprompt
LowScripts Present
LowNo License