AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. Postinstall performs a package-local native-launcher installation from declared platform optional dependencies.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall or explicit execution of the `claude` launcher
Impact
Installs or executes the package's intended platform-specific CLI binary; no source-confirmed exfiltration, remote fetch, persistence, or foreign control-surface mutation.
Mechanism
Platform detection and local optional-dependency binary placement/launch
Rationale
The static signals are explained by a conventional npm native-binary wrapper. Direct inspection found package-local binary selection and copying only, with no concrete malicious behavior.
Evidence
package.jsoninstall.cjscli-wrapper.cjsbin/claude.exe
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- `package.json` runs `node install.cjs` on postinstall.
- `install.cjs` replaces `bin/claude.exe` with a platform optional-dependency binary.
Evidence against
- `install.cjs` has no network, credential, or environment-harvesting logic.
- Postinstall resolves only declared `@go-hare/claude-code-*` optional packages.
- Writes are limited to the package-local `bin/claude.exe` launcher.
- `cli-wrapper.cjs` only selects and launches the matching local binary.
- Bundled `bin/claude.exe` is a shell error stub, not a native payload.
- No AI-agent configuration or broad user-directory mutation appears in packaged source.
Behavioral surface
ChildProcessEnvironmentVarsFilesystem
NoLicense
Source & flagged code
3 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.cjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.cjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgbin/claude.exeView file
•path = bin/claude.exe
kind = native_binary
sizeBytes = 495
magicHex = [redacted]
Medium
Findings
1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
MediumShips Native Binarybin/claude.exe
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowNo License