
@emend-ai/utim@1.46.10

UTIM – Universal Terminal Intelligence Manager. An agentic AI coding assistant for your terminal.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The package uses an npm postinstall hook to pre-install a Python engine package and repeats installation on first CLI run if missing. This is a risky install-time side effect but source inspection did not show credential theft, persistence, destructive behavior, or foreign AI-agent control-surface mutation.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.
Trigger
npm install or running the utim bin
Impact
Installs or upgrades package-aligned Python dependencies, causing install-time network/code execution risk without confirmed malicious payload in this package
Mechanism
postinstall and CLI-driven pip/package-manager installation
Rationale
Static inspection confirms risky install-time and runtime dependency installation, but no concrete malicious behavior beyond package-owned engine setup. Treat as suspicious/warn rather than block because the side effects are disclosed and aligned with the package purpose, with no exfiltration or control-surface hijack found.
Evidence
  • package.json
  • scripts/postinstall.js
  • bin/utim.js
  • README.md
  • /tmp/utim_install_<timestamp>.lock
Network endpoints (5)
  • registry.npmjs.org/
  • eutalix.github.io/android-pydantic-core/
  • termux-user-repository.github.io/pypi/
  • utim.dev
  • github.com/emendai/utim.git

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node scripts/postinstall.js
  • scripts/postinstall.js runs python -m pip install --upgrade --quiet utim-cli during npm install
  • bin/utim.js auto-installs/updates utim-cli with pip on first CLI run if missing
  • bin/utim.js uses child_process and platform shell helpers including cmd.exe/osascript for installation
  • Termux path installs packages and adds extra pip indexes
Evidence against
  • No credential harvesting, filesystem enumeration, or exfiltration code found in inspected JS
  • No fetch/HTTP client or custom exfil endpoint in package source
  • Network activity is package-aligned dependency installation via pip/npm metadata URLs
  • No AI-agent config/control-surface writes found
  • CLI behavior matches README/package description as a launcher for UTIM Python engine
Behavioral surface
Source
ChildProcess, EnvironmentVars, Filesystem
Supply chain
UrlStrings
Manifest
No manifest risk signals triggered.
scanned 2 file(s), 13.2 KB of source, external domains: eutalix.github.io, python.org, termux-user-repository.github.io

Source & flagged code

3 flagged
package.json
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

bin/utim.js
matchType = previous_version_dangerous_delta
matchedPackage = @emend-ai/utim@1.46.9
matchedIdentity = npm:QGVtZW5kLWFpL3V0aW0:1.46.9
similarity = 0.500
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.


Findings

2 High · 2 Medium · 3 Low
High · Install Time Lifecycle Scripts · package.json
High · Previous Version Dangerous Delta · bin/utim.js
Medium · Ambiguous Install Lifecycle Script · package.json
Medium · Environment Vars
Low · Scripts Present
Low · Filesystem
Low · Url Strings