AI Security Review
scanned 6d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established by source inspection. The install script performs package-aligned native binary acquisition and validation fallback for a Rust proxy CLI.
Decision evidence
public snapshot- package.json defines postinstall: node install.js
- install.js uses child_process.execSync to npm install platform-specific @bifrost-proxy package if optional dependency is missing
- install.js downloads https://registry.npmjs.org/${pkg}/-/${tarballName}-0.0.131.tgz and writes extracted binary fallback
- bin/bifrost executes the resolved platform binary with user CLI arguments and inherited environment
- package.json optionalDependencies are same-scope @bifrost-proxy platform packages pinned to 0.0.131
- install.js network endpoint is npm registry tarball for expected platform package, not an arbitrary host
- install.js writes only npm-install temp package.json and downloaded-* binary path under package directory, then removes temp install dir
- lib/index.js only resolves installed or downloaded platform binary path; no credential/file harvesting observed
- lib/platform.js shell use is limited to ldd --version for libc detection
- No AI-agent control-surface writes, persistence, destructive behavior, obfuscation, or exfiltration logic found
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage source invokes a package manager install command at runtime.
install.jsView on unpkg · L78Package source references dynamic require/import behavior.
install.jsView on unpkg · L1