registry  /  @clovapi/cli  /  0.2.2

@clovapi/cli@0.2.2

Global npm launcher for the clovapi CLI

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Postinstall retrieves and unpacks a remote native executable, then places it in the user's clovapi config directory. The launcher executes that binary when the user invokes clovapi. No source-confirmed credential theft, destructive action, or AI-agent control-surface mutation was found.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install or global install; later invocation of clovapi
Impact
A compromised or overridden artifact source can supply code that runs when the user invokes clovapi.
Mechanism
postinstall remote binary download, extraction, and local executable replacement
Rationale
The source implements a documented package-aligned native-binary bootstrapper, not a confirmed malicious chain. Its automatic remote executable delivery has unresolved supply-chain risk because integrity metadata comes from the same mutable source as the payload.
Evidence
package.jsonscripts/install.jsscripts/paths.jsscripts/win-replace.jsbin/clovapi.jsREADME.md~/.config/clovapi/bin/clovapi%APPDATA%\clovapi\bin\clovapi.exevendor/clovapi
Network endpoints2
downloads.clovapi.com/clovapi/v${versionTag}github.com/joohw/clovapi/releases/download/v${versionTag}

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • package.json defines a postinstall hook.
  • scripts/install.js downloads a platform archive during postinstall.
  • Checksum is downloaded from the same mutable base URL as the archive.
  • scripts/install.js installs the extracted executable under the user config directory.
  • bin/clovapi.js later executes that installed executable.
Evidence against
  • No credential, environment, or home-directory harvesting found.
  • No exfiltration, eval, dynamic code loading, or AI-agent configuration writes found.
  • Network URLs and installed paths are documented and package-aligned.
  • Downloaded archive name is fixed to package version, platform, and architecture.
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 11.7 KB of source, external domains: downloads.clovapi.com, github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings