AI Security Review
scanned 2h ago · by lpm-firewall-aiThe postinstall hook downloads opaque native artifacts into the package-local `bin/` directory. The command wrapper later executes the downloaded ACA binary and can replace it with a staged update.
Static reason
One or more suspicious static signals were detected.
Trigger
`npm install` runs the hook; invoking `aca` executes `bin/aca`
Impact
A release-host compromise or artifact substitution can deliver arbitrary native code when the CLI is run.
Mechanism
postinstall remote binary bootstrap with runtime execution
Rationale
This is an opaque remote-payload carrier with a postinstall fetch and update path, so source inspection cannot establish it as clean. The visible wrapper lacks a concrete malicious chain, so blocking is not justified.
Evidence
package.jsoninstall.cjscli-wrapper.cjsREADME.mdbin/acabin/aca.exebin/rgbin/rg.exebin/aca.vsixbin/.aca-pending-version
Network endpoints1
github.com/lokeshe09/aca-releases/releases/download/v0.0.16
Decision evidence
public snapshotAI called this Suspicious at 88.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` invokes `node install.cjs` on `postinstall`.
- `install.cjs` downloads platform binaries from a mutable GitHub release URL.
- Checksum metadata and executable are fetched from the same unpinned release source.
- `cli-wrapper.cjs` executes the downloaded `bin/aca` and accepts staged pending replacements.
- The installer also downloads `bin/rg` and `bin/aca.vsix`.
Evidence against
- Visible JS reads no credentials or user files.
- Install-time writes are limited to package-local `bin/` paths.
- `install.cjs` does not execute the fetched ACA binary during installation.
- No visible source mutation of VS Code, Cursor, Windsurf, or other agent configuration occurs.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.cjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.cjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License