AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface. Install-time compilation creates the package’s own CLI; runtime reads/saves the Linear credential only to service user-invoked Linear API commands.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall or explicit `linear` CLI command
Impact
Creates the CLI binary and, after interactive authentication, stores and uses a Linear API token locally.
Mechanism
Bun compilation plus user-authorized Linear SDK API access
Rationale
The lifecycle hooks and native executable are explained by a transparent Bun CLI build, while source inspection found no concrete malicious behavior. Credential and network access are package-aligned and activated through explicit authentication or CLI use.
Evidence
package.jsonsrc/services/Config.tssrc/services/Browser.tssrc/services/Linear.tssrc/commands/auth.tssrc/commands/api.tsbin/linearsrc/main.tsskills/linear/SKILL.md
Network endpoints2
linear.app/settings/account/securityapi.linear.app/graphql
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- `package.json` runs `bun run build` in `postinstall`.
- `package.json` `prepare` invokes `lefthook install`.
- `src/services/Browser.ts` launches macOS `open` during interactive auth.
- `src/services/Config.ts` stores a user-entered API key under `~/.config/linear/token`.
Evidence against
- `postinstall` only compiles `src/main.ts` into the shipped CLI; no payload download or shell chain is present.
- All source-side API actions use `@linear/sdk` after a user invokes CLI commands.
- `BrowserService.open` receives only the fixed Linear security URL from `src/commands/auth.ts`.
- No source use of exfiltration endpoints, dynamic code loading, VM/eval, destructive file operations, or AI-agent config paths was found.
- `skills/linear/SKILL.md` instructs agents not to read tokens directly and requires explicit authorization for mutations.
- `bin/linear` is a Bun-compiled ELF whose embedded Linear endpoint is `https://api.linear.app/graphql`.
Behavioral surface
UrlStrings
NoLicenseWildcardDependency
Source & flagged code
3 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = bun run build
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = bun run build
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgbin/linearView file
•path = bin/linear
kind = native_binary
sizeBytes = 98019456
magicHex = [redacted]
Medium
Findings
1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumShips Native Binarybin/linear
MediumWildcard Dependency
LowNon Install Lifecycle Scripts
LowScripts Present
LowUrl Strings
LowNo License