AI Security Review
scanned 2h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. The package is a thin npm launcher that installs a Python UTIM engine. Risk is install-time remote dependency installation via pip, but source does not show exfiltration, stealth persistence, or foreign AI-agent control-surface mutation.
Decision evidence
public snapshot- package.json defines postinstall: node scripts/postinstall.js
- scripts/postinstall.js silently runs python -m pip install --upgrade --quiet utim-cli during npm install
- scripts/postinstall.js chmods bin/utim.js on Unix-like systems
- bin/utim.js first run installs/upgrades utim-cli via pip and launches python -m utim_cli.utim
- bin/utim.js uses osascript/cmd.exe/pkg for platform-specific install flow
- No credential harvesting, env dumping, or secret file reads found
- No fetch/axios/curl/wget or custom exfiltration endpoint in package JS
- No eval/vm/Function or obfuscated payloads found
- Python package name utim-cli is package-aligned with @emend-ai/utim launcher purpose
- README describes UTIM as a CLI coding assistant and documents first-run config/state paths
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/utim.jsView on unpkg