registry  /  @100xprompt/cli-darwin-x64  /  0.0.0-dev-full1

@100xprompt/cli-darwin-x64@0.0.0-dev-full1

AI Security Review

scanned 17h ago · by lpm-firewall-ai

No confirmed malicious attack surface by static inspection. Risky primitives are packaged inside a user-invoked AI coding CLI and are not activated by install except for local codesigning of the bundled binary.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; explicit 100xprompt CLI/runtime commands
Impact
No unconsented persistence, exfiltration, destructive action, or foreign agent control-surface mutation confirmed.
Mechanism
codesign bundled binary; user-invoked AI CLI/server capabilities
Rationale
The lifecycle hook is limited to re-signing the bundled binary, and inspected sourcemaps align the dangerous capabilities with explicit 100xprompt CLI/agent runtime behavior. I found no install-time control-surface hijack, credential exfiltration, persistence, or hidden remote-code execution beyond package-aligned user-invoked features.
Evidence
package.jsonbin/100xpromptbin/index.js.mapbin/worker.js.map
Network endpoints6
100xprompt.comproxy.100xprompt.comapi.100xprompt.aiopncd.aiapi.github.commodels.dev

Decision evidence

public snapshot
AI called this Clean at 78.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json has postinstall lifecycle script.
  • Ships large native Mach-O executable at bin/100xprompt.
  • Sourcemaps show agent CLI/server functionality with shell, MCP, LSP, and network features.
Evidence against
  • postinstall only re-signs ./bin/100xprompt with codesign; no home/project/agent-control writes at install time.
  • No npm bin/main import-time JS entrypoint; package is a platform binary shard.
  • Sourcemaps show runtime user-invoked CLI commands and package-aligned endpoints, not credential harvesting or exfiltration.
  • MCP handling reads user .mcp.json config and manages 100xprompt clients at runtime; no lifecycle planting of foreign AI-agent config found.
Behavioral surface
SourceNo risky source behavior triggered.
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 0 file(s), 0 B of source

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = codesign --remove-signature ./bin/100xprompt || true; codesign --sign - --force --preserve-metadata=entitlements,requirements,flags,runtime ./bin/100xprompt || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
bin/100xpromptView file
path = bin/100xprompt kind = native_binary sizeBytes = 117454928 magicHex = [redacted]
Medium
Ships Native Binary

Package ships native binary artifacts.

bin/100xpromptView on unpkg

Findings

1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumShips Native Binarybin/100xprompt
LowScripts Present
LowNo License