registry  /  @apexfdn/apex  /  1.0.1

@apexfdn/apex@1.0.1

Coding agent CLI with read, bash, edit, write tools and session management

AI Security Review

scanned 14h ago · by lpm-firewall-ai

The package uses a postinstall downloader to fetch a platform-specific executable, then exposes a CLI wrapper that runs it on user invocation. This is unresolved binary supply-chain risk, but source inspection did not show malicious install-time execution or exfiltration.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user running apex invokes the binary
Impact
Downloaded executable can perform arbitrary actions when invoked, but reviewed JS does not execute it during install
Mechanism
postinstall binary download plus CLI spawn wrapper
Rationale
The package is not proven malicious from source inspection, but postinstall retrieval of an opaque executable creates real unresolved supply-chain risk. The risk supports a warning rather than a publish block because the downloader is package-aligned and no concrete attack behavior was found.
Evidence
package.jsoninstall.jsapex.jsREADME.mdbin/apexbin/apex.exe
Network endpoints1
github.com/Apex-Foundation/copilot/releases/download/v1.0.1/apex-{linux-x64|darwin-arm64|darwin-x64|windows-x64}

Decision evidence

public snapshot
AI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node install.js.
  • install.js downloads a platform binary from GitHub releases into ./bin/apex or ./bin/apex.exe and chmods it executable.
  • apex.js spawns the package-local binary with inherited stdio and process.env when the user runs apex.
Evidence against
  • No preinstall/install-time execution of the downloaded binary; install.js only downloads and chmods it.
  • No credential harvesting, broad filesystem reads, exfiltration logic, or AI-agent config/control-surface writes found in published files.
  • Only package files present are package.json, install.js, apex.js, and README.md.
  • Network endpoint is a package-aligned GitHub release URL for Apex-Foundation/copilot.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 2.38 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings