registry  /  @dagucloud/dagu  /  2.10.0

@dagucloud/dagu@2.10.0

A powerful Workflow Orchestration Engine with simple declarative YAML API. Zero-dependency, single binary for Linux, macOS, and Windows.

AI Security Review

scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface in inspected source. The package is a platform binary wrapper with an install-time fallback downloader for its own versioned @dagucloud binary package.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install when optional platform package is missing, or explicit dagu CLI invocation
Impact
Installs or runs the Dagu binary; no source evidence of exfiltration, persistence, destructive behavior, or control-surface hijack.
Mechanism
version-pinned platform binary download and CLI exec wrapper
Rationale
The suspicious lifecycle and child_process signals are package-aligned: install.js only retrieves a version-matched platform binary from npm as a fallback, and the entrypoints invoke that binary for user-requested CLI use. Static inspection found no concrete malicious chain or unauthorized control-surface mutation.
Evidence
package.jsoninstall.jsindex.jsbin/clilib/platform.jsdagudagu.exe
Network endpoints3
registry.npmjs.org/@dagucloud/${platformSpecificPackageName}/-/${platformSpecificPackageName}-${PACKAGE_VERSION}.tgzgithub.com/dagucloud/dagugithub.com/dagucloud/dagu/issues

Decision evidence

public snapshot
AI called this Clean at 88.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json defines postinstall: node ./install.js
  • install.js downloads a platform tarball from registry.npmjs.org if optionalDependency binary package is absent
  • install.js writes extracted package/bin/dagu or dagu.exe to package directory with executable mode
  • bin/cli and index.js execute the resolved dagu binary with user-provided CLI args
Evidence against
  • Download URL is deterministic, version-pinned, and under @dagucloud platform packages listed as optionalDependencies
  • No credential, env, home-directory, npmrc, SSH, or token harvesting found
  • No eval/vm/Function, obfuscated strings, persistence, destructive commands, or AI-agent control-surface writes found
  • Runtime child_process usage is the expected CLI wrapper for this binary distribution package
  • Network access is limited to fallback binary retrieval from npm registry during install
Behavioral surface
Source
ChildProcessFilesystemNetwork
Supply chain
UrlStrings
Manifest
CopyleftLicense
scanned 3 file(s), 9.47 KB of source, external domains: registry.npmjs.org

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node ./install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node ./install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings
LowCopyleft License