AI Security Review
scanned 2h ago · by lpm-firewall-ai
The package has an install-time hook that pre-installs a Python engine, and a runtime launcher that installs and runs the same engine if it is missing. This is package-aligned but creates install-hook supply-chain risk because code is fetched and installed outside npm during install and on first run.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; running utim triggers first-run installation and launch
Impact
Installs and executes the package-owned Python CLI engine; no confirmed malicious payload or exfiltration in npm wrapper source
Mechanism
postinstall/CLI pip installation and Python module launch
Rationale
Static source inspection shows a real install-time remote package installation primitive, but it is disclosed/package-aligned and no concrete malicious behavior is present in the npm package source. Treat as suspicious install-hook risk rather than publish-block malware.
Evidence
- package.json
- scripts/postinstall.js
- bin/utim.js
- README.md
- os.tmpdir()/utim_install_*.lock
Network endpoints (5)
- utim.dev
- github.com/emendai/utim/issues
- github.com/emendai/utim.git
- registry.npmjs.org/
- python.org
Decision evidence
public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node scripts/postinstall.js
- scripts/postinstall.js silently runs python -m pip install --upgrade --quiet utim-cli during npm install
- scripts/postinstall.js chmods bin/utim.js on Unix platforms
- bin/utim.js auto-installs utim-cli, upgrades pip, and installs Termux system packages on first run
- bin/utim.js launches python -m utim_cli.utim with user args
Evidence against
- No credential harvesting, broad file collection, or exfiltration code found in package files
- No eval/vm/Function or obfuscated payloads found
- Network behavior is package-aligned dependency installation via pip for utim-cli
- No AI-agent config/control-surface writes such as .codex, .cursor, or .claude found
- README describes UTIM as a local AI coding CLI and matches launcher behavior
Behavioral surface
- Child Process
- Environment Vars
- Filesystem
- Url Strings
Source & flagged code
2 flagged
package.json
- scripts.postinstall = node scripts/postinstall.js
High: Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
Flagged in package.json: scripts.postinstall = node scripts/postinstall.js
Medium: Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
Flagged in package.json
Findings
1 High, 2 Medium, 3 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Environment Vars
- Low: Scripts Present
- Low: Filesystem
- Low: Url Strings