registry  /  @hallaxius/nim-booster  /  1.0.5

@hallaxius/nim-booster@1.0.5

OpenCode plugin that boosts NVIDIA NIM providers with health-score rotation, adaptive throttling, and webshare.io proxy rotation.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM blocks this version under the AI-agent control-surface policy. The package uses an npm postinstall hook to register itself into the user's OpenCode configuration. This lifecycle-triggered AI-agent control-surface mutation occurs without an interactive consent gate.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install of @hallaxius/nim-booster@1.0.5
Impact
Unconsented activation of package-supplied OpenCode server/TUI plugin in the user's agent environment.
Mechanism
postinstall self-registration into OpenCode plugin configs
Policy narrative
On installation, npm runs the package postinstall command `node dist/bin.js init`. That CLI path calls `updateOpenCodeConfigs`, creates the OpenCode config directory, adds `@hallaxius/nim-booster` to both `opencode.json` and `tui.json`, and writes a default `nim-booster/config.json`. This registers package code into an AI-agent plugin surface as an install side effect rather than an explicit user-invoked setup step.
Rationale
Static source inspection confirms unconsented lifecycle-time mutation of a broad OpenCode AI-agent control surface, which is blockable under the install-control-surface policy. The proxy and key-management functionality appears package-aligned, but it does not mitigate the postinstall registration behavior.
Evidence
package.jsondist/bin.jsdist/config-installer.jsdist/opencode-runtime-paths.jsdist/proxy/store.jsdist/proxy/health.jsdist/config.js<opencode config dir>/opencode.json<opencode config dir>/tui.json<opencode config dir>/nim-booster/config.json
Network endpoints4
proxy.webshare.io/api/v2/proxy/list/proxy.webshare.io/api/v2/proxy/list/refresh/ipv4.webshare.io:443p.webshare.io

Decision evidence

public snapshot
AI called this Malicious at 94.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for policy block
  • package.json postinstall runs `node dist/bin.js init` during npm install.
  • dist/bin.js `init` calls updateOpenCodeConfigs without an interactive consent gate.
  • dist/config-installer.js creates/modifies OpenCode `opencode.json` and `tui.json` plugin arrays to add `@hallaxius/nim-booster`.
  • dist/config-installer.js also writes `nim-booster/config.json` under the OpenCode config directory.
  • dist/config-installer.js resolves the default target from OPENCODE_CONFIG_DIR or the user OpenCode config directory.
Evidence against
  • No child_process, eval/vm/Function, native binary loading, or obfuscated payload found in inspected files.
  • Network use is package-aligned Webshare proxy API access and proxy health checks, gated by configured token/proxy settings.
  • Credential handling stores user-provided OpenCode keys and Webshare token locally under OpenCode config/data paths.
  • No evidence of credential exfiltration, destructive filesystem behavior, or persistence outside OpenCode config/data paths.
Behavioral surface
Source
CryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 29 file(s), 120 KB of source, external domains: opencode.ai, proxy.webshare.io

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node dist/bin.js init 2>/dev/null || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node dist/bin.js init 2>/dev/null || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings