AI Security Review
scanned 17h ago · by lpm-firewall-ai
No confirmed malicious attack surface by static inspection. Risky primitives are packaged inside a user-invoked AI coding CLI and are not activated by install except for local codesigning of the bundled binary.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; explicit 100xprompt CLI/runtime commands
Impact
No unconsented persistence, exfiltration, destructive action, or foreign agent control-surface mutation confirmed.
Mechanism
codesign bundled binary; user-invoked AI CLI/server capabilities
Rationale
The lifecycle hook is limited to re-signing the bundled binary, and inspected sourcemaps align the dangerous capabilities with explicit 100xprompt CLI/agent runtime behavior. I found no install-time control-surface hijack, credential exfiltration, persistence, or hidden remote-code execution beyond package-aligned user-invoked features.
Evidence
- package.json
- bin/100xprompt
- bin/index.js.map
- bin/worker.js.map
Network endpoints (6)
- 100xprompt.com
- proxy.100xprompt.com
- api.100xprompt.ai
- opncd.ai
- api.github.com
- models.dev
Decision evidence
public snapshot
AI called this Clean at 78.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json has postinstall lifecycle script.
- Ships large native Mach-O executable at bin/100xprompt.
- Sourcemaps show agent CLI/server functionality with shell, MCP, LSP, and network features.
Evidence against
- postinstall only re-signs ./bin/100xprompt with codesign; no home/project/agent-control writes at install time.
- No npm bin/main import-time JS entrypoint; package is a platform binary shard.
- Sourcemaps show runtime user-invoked CLI commands and package-aligned endpoints, not credential harvesting or exfiltration.
- MCP handling reads user .mcp.json config and manages 100xprompt clients at runtime; no lifecycle planting of foreign AI-agent config found.
Behavioral surface
No License
Source & flagged code
3 flagged
package.json
• scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.json
• scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.json
bin/100xprompt
• path = bin/100xprompt
kind = native_binary
sizeBytes = 117454928
magicHex = [redacted]
Medium
Findings
1 High · 2 Medium · 2 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Ships Native Binary (bin/100xprompt)
- Low: Scripts Present
- Low: No License