AI Security Review
scanned 13h ago · by lpm-firewall-aiThe package is a thin npm wrapper that downloads and stores a native Civitai CLI binary at install time, then executes it when the civitai command is invoked. This is package-aligned but leaves the downloaded executable outside the inspected npm source.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall or running bin/civitai.js when binary is missing
Impact
Uninspected remote binary is placed under the package and later executed by explicit CLI use
Mechanism
install-time download of native executable with checksum check
Rationale
No concrete malicious behavior is present in the inspected JavaScript source, and the network/binary behavior is disclosed and package-aligned. Because install-time download of an uninspected native executable remains a real staged-payload risk, warn rather than block or mark fully clean.
Evidence
package.jsonlib/install.jsbin/civitai.jsREADME.mdlib/binaries/civitailib/binaries/civitai.exelib/binaries/civitai.downloadlib/binaries/civitai.exe.download
Network endpoints2
github.com/civitai/cli/releases/download/v${version}/${file}github.com/civitai/cli/releases/download/v${version}/checksums.txt
Decision evidence
public snapshotAI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json runs postinstall: node lib/install.js
- lib/install.js downloads a platform binary from GitHub Releases during install
- lib/install.js writes executable to lib/binaries/civitai(.exe) with mode 0755
- bin/civitai.js later spawnSyncs the resolved binary and forwards CLI args/stdio
Evidence against
- Download URL is package-aligned: github.com/civitai/cli releases
- lib/install.js fetches checksums.txt and refuses checksum mismatches
- No credential/env harvesting beyond CIVITAI_CLI_BINARY override
- No broad filesystem, persistence, AI-agent config, or destructive behavior found
- No eval/vm/Function or obfuscated code found
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node lib/install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node lib/install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings