AI Security Review
scanned 1d ago · by lpm-firewall-ai
The package is a GoReleaser-style npm wrapper that downloads a checksummed platform binary at install time and runs it when the ghostable CLI is invoked. This is a legitimate binary distribution pattern with no confirmed malicious behavior in the inspected package source.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user invokes ghostable CLI
Impact
Installs and executes package-provided Ghostable CLI binary; no source evidence of unconsented data access or exfiltration
Mechanism
checksummed release-archive download and local binary launcher
Rationale
Static inspection found an install-time binary downloader/launcher, but the endpoints, filenames, and checksums are package-aligned and the JavaScript wrapper does not harvest data, persist, mutate agent controls, or execute remote code beyond the pinned CLI install flow. The suspicious scanner signals are explained by normal binary CLI packaging and documented user-invoked secret-management commands.
Evidence
- package.json
- install.js
- lib.js
- run-ghostable.js
- README.md
- bin/ghostable
- bin/ghostable.exe
- archive-*/ghostable_0.3.0_npm_*.tar.gz
Network endpoints (6)
- github.com/ghostable-dev/beta/releases/download/v0.3.0/ghostable_0.3.0_npm_darwin_arm64.tar.gz
- github.com/ghostable-dev/beta/releases/download/v0.3.0/ghostable_0.3.0_npm_darwin_amd64.tar.gz
- github.com/ghostable-dev/beta/releases/download/v0.3.0/ghostable_0.3.0_npm_linux_arm64.tar.gz
- github.com/ghostable-dev/beta/releases/download/v0.3.0/ghostable_0.3.0_npm_linux_amd64.tar.gz
- github.com/ghostable-dev/beta/releases/download/v0.3.0/ghostable_0.3.0_npm_windows_arm64.tar.gz
- github.com/ghostable-dev/beta/releases/download/v0.3.0/ghostable_0.3.0_npm_windows_amd64.tar.gz
Decision evidence
public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json defines postinstall: node install.js
- lib.js downloads a platform archive during install and extracts a binary to bin/
- run-ghostable.js invokes the installed binary with user CLI args via spawnSync
Evidence against
- install.js only imports and calls generated install() from lib.js
- Archive URLs are package-aligned GitHub release assets with pinned sha256 checksums in package.json
- lib.js verifies downloaded archive checksum before extraction
- No credential/env harvesting, exfiltration, persistence, destructive behavior, or AI-agent control-surface writes found in JS source
- README describes a local-first env management CLI; secret/.env handling is user-invoked CLI functionality
Behavioral surface
ChildProcess · Crypto · Filesystem · Network · Shell
Source & flagged code
2 flagged · package.json
- scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.json
- scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.json
Findings
1 High · 2 Medium · 2 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Network
- Low: Scripts Present
- Low: Filesystem