registry  /  @go-hare/claude-code  /  2.6.22

@go-hare/claude-code@2.6.22

Reverse-engineered Anthropic Claude Code CLI — interactive AI coding assistant in the terminal

AI Security Review

scanned 22h ago · by lpm-firewall-ai

At npm postinstall, the wrapper locates a platform-specific optional dependency and links or copies its executable into its own `bin/claude.exe`. The inspected wrapper does not establish exfiltration, foreign control-surface mutation, or remote payload retrieval.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install executes the postinstall hook; invoking `claude` executes the installed platform binary.
Impact
Uninspected optional dependency binaries execute when the user invokes the CLI; no concrete malicious behavior is present in this package's inspected source.
Mechanism
package-local native-binary placement and launcher delegation
Rationale
Source inspection shows a conventional native-wrapper installer restricted to package-local binary placement. Because the platform binary packages are referenced but not included in this package, their behavior cannot be assessed here; that is supply-chain risk, not proof this package is malicious.
Evidence
package.jsoninstall.cjscli-wrapper.cjsbin/claude.exe@go-hare/claude-code-<platform>/package.json@go-hare/claude-code-<platform>/claude

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `package.json` runs `node install.cjs` on postinstall.
  • `install.cjs` replaces `bin/claude.exe` with an executable from a platform optional dependency.
  • The package ships only a wrapper/stub; the runtime native payload is sourced from separate optional packages not present here.
Evidence against
  • `install.cjs` resolves only `@go-hare/claude-code-<platform>` packages and writes only package-local `bin/claude.exe`.
  • Inspected JavaScript has no network calls, credential harvesting, eval, dynamic loading, or agent-config writes.
  • `cli-wrapper.cjs` only locates the platform package and spawns its binary with inherited stdio/environment.
  • Packaged `bin/claude.exe` is a 506-byte shell error stub, not a native executable.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 2 file(s), 8.13 KB of source

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = node install.cjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.cjs
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
bin/claude.exeView file
path = bin/claude.exe kind = native_binary sizeBytes = 506 magicHex = [redacted]
Medium
Ships Native Binary

Package ships native binary artifacts.

bin/claude.exeView on unpkg

Findings

1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
MediumShips Native Binarybin/claude.exe
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowNo License