registry  /  @ghostable/beta  /  0.2.4

@ghostable/beta@0.2.4

Local-first encrypted environment management CLI

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The package uses a GoReleaser-style postinstall to fetch a checksummed platform binary, then user-invoked CLI execution spawns that binary.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; ghostable CLI invocation runs installed binary
Impact
Installs and runs the Ghostable CLI; no source-level exfiltration or destructive behavior found
Mechanism
checksummed release binary downloader and CLI shim
Rationale
Static inspection found install-time network and child_process behavior, but it is package-aligned binary installation with pinned checksums and no source evidence of harvesting, exfiltration, persistence, destructive actions, or reviewer/agent manipulation. The scanner hints are explained by the GoReleaser npm wrapper and the package's documented CLI purpose.
Evidence
package.jsoninstall.jsrun-ghostable.jslib.jsREADME.mdbin/ghostablebin/ghostable.exearchive-*/
Network endpoints6
github.com/ghostable-dev/beta/releases/download/v0.2.4/ghostable_0.2.4_npm_darwin_arm64.tar.gzgithub.com/ghostable-dev/beta/releases/download/v0.2.4/ghostable_0.2.4_npm_darwin_amd64.tar.gzgithub.com/ghostable-dev/beta/releases/download/v0.2.4/ghostable_0.2.4_npm_linux_arm64.tar.gzgithub.com/ghostable-dev/beta/releases/download/v0.2.4/ghostable_0.2.4_npm_linux_amd64.tar.gzgithub.com/ghostable-dev/beta/releases/download/v0.2.4/ghostable_0.2.4_npm_windows_arm64.tar.gzgithub.com/ghostable-dev/beta/releases/download/v0.2.4/ghostable_0.2.4_npm_windows_amd64.tar.gz

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json defines postinstall: node install.js
  • lib.js downloads platform archive during install and extracts binary to bin/
  • lib.js run() spawns bin/ghostable with user CLI args
Evidence against
  • install.js only imports install() from lib.js
  • package.json archive URLs are GitHub release assets for ghostable-dev/beta v0.2.4 with sha256 digests
  • lib.js verifies archive checksum before extraction
  • No credential/env harvesting, exfiltration POSTs, eval/vm/Function, persistence, or AI-agent control-surface writes found
  • README.md describes this as a local-first environment/secrets management CLI, matching the binary installer behavior
Behavioral surface
Source
ChildProcessCryptoFilesystemNetworkShell
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 6.45 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem