@hallaxius/nim-booster@1.0.9

OpenCode plugin that supercharges NVIDIA NIM providers — health-score key rotation, adaptive throttling, and automatic proxy rotation via webshare.io.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM blocks this version under the AI-agent control-surface policy. Install-time lifecycle code mutates OpenCode user/home and project control/config surfaces without an explicit user command. It registers this package as an OpenCode server/TUI plugin and creates booster config files.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install of @hallaxius/nim-booster@1.0.9
Impact
During dependency installation the package registers itself in the user's OpenCode configs and drops a project config file, altering an agent control surface it does not own (foreign/broad).
Mechanism
unconsented npm postinstall AI-agent/plugin config mutation
Policy narrative
On npm install, the postinstall runs the CLI init routines. Those routines create or edit OpenCode config files under the user's opencode config directory, append @hallaxius/nim-booster to server/TUI plugin arrays, create a package config, and create a project booster.json. That is lifecycle-triggered registration into an AI-agent/plugin surface, not merely an explicit user-invoked setup command.
Rationale
Although the plugin functionality and Webshare endpoints are product-aligned, npm lifecycle execution unconditionally registers the package into OpenCode user/home configs and drops project config. Under the install-control-surface policy, unconsented lifecycle mutation of a foreign/broad AI-agent control surface is blockable.
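
The mutation described in the policy narrative is easy to catch after the fact: snapshot the OpenCode user configs before and after `npm install`, diff their `plugin` arrays, and attribute each new entry to an installed package that declares an install-time hook. The following is an added example written for this review; it is not code from the scanner or from @hallaxius/nim-booster. It assumes the config files are JSON with a top-level "plugin" array and takes the snapshots as in-memory text (null meaning the file did not exist); the snapshots and the manifest map below are constructed for the example.

```javascript
// Added example, not code from the scanner or from @hallaxius/nim-booster.
// Diffs the `plugin` arrays of OpenCode's user config files as captured
// before and after `npm install`, then attributes each new entry to an
// installed package that declares an install-time lifecycle script.
// Assumptions: the files are JSON with a top-level "plugin" array and are
// passed in as text (null = file did not exist).

const CONFIG_FILES = ['opencode.json', 'tui.json'];
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Plugin entries of one snapshot, tolerating a missing file or a missing or
// non-array "plugin" key. Malformed JSON throws on purpose: a config that
// stopped parsing after an install is itself worth a look.
function pluginEntries(text) {
  if (text == null) return [];
  const doc = JSON.parse(text);
  return Array.isArray(doc && doc.plugin) ? doc.plugin.map(String) : [];
}

// Map of config file -> entries present after the install but not before.
function addedPlugins(before, after) {
  const added = {};
  for (const file of CONFIG_FILES) {
    const prev = new Set(pluginEntries(before[file]));
    const fresh = pluginEntries(after[file]).filter((p) => !prev.has(p));
    if (fresh.length) added[file] = fresh;
  }
  return added;
}

// Strip a trailing @version while keeping a leading @scope.
function packageName(entry) {
  return entry.replace(/(.)@[^@/]*$/, '$1');
}

// Cross-reference added entries with the manifests of freshly installed
// packages (name -> package.json object). An entry whose package has an
// install hook was registered by lifecycle code, not by a user command.
function attributeRegistrations(added, manifests) {
  const findings = [];
  for (const [file, entries] of Object.entries(added)) {
    for (const entry of entries) {
      const name = packageName(entry);
      const scripts = (manifests[name] && manifests[name].scripts) || {};
      const hooks = INSTALL_HOOKS.filter((h) => h in scripts);
      findings.push({ file, entry, package: name, hooks, viaLifecycle: hooks.length > 0 });
    }
  }
  return findings;
}

// Constructed snapshots and manifest map; only the "plugin" arrays matter.
const BEFORE = {
  'opencode.json': '{"plugin":["existing-plugin"]}',
  'tui.json': null,
};
const AFTER = {
  'opencode.json': '{"plugin":["existing-plugin","@hallaxius/nim-booster"]}',
  'tui.json': '{"plugin":["@hallaxius/nim-booster"]}',
};
const MANIFESTS = {
  '@hallaxius/nim-booster': {
    scripts: {
      postinstall: 'node dist/bin.js init 2>/dev/null; node dist/bin.js init-project 2>/dev/null || true',
    },
  },
};

function main() {
  const findings = attributeRegistrations(addedPlugins(BEFORE, AFTER), MANIFESTS);
  for (const f of findings) {
    const how = f.viaLifecycle ? `registered by ${f.hooks.join(',')}` : 'no install hook';
    console.log(`${f.file}: +${f.entry} (${how})`);
  }
  return findings;
}
main();
```

Run this against real snapshots by reading ~/.config/opencode/opencode.json and tui.json into the two maps; the project-level booster.json drop is a plain file-existence check at the project root and needs no diff.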
Evidence
  • package.json
  • dist/bin.js
  • dist/config-installer.js
  • dist/opencode-runtime-paths.js
  • dist/proxy/store.js
  • dist/cli/proxy-test.js
  • ~/.config/opencode/opencode.json
  • ~/.config/opencode/tui.json
  • ~/.config/opencode/nim-booster/config.json
  • booster.json
Network endpoints (4)
  • proxy.webshare.io/api/v2/proxy/list/
  • proxy.webshare.io/api/v2/proxy/list/refresh/
  • p.webshare.io
  • ipv4.webshare.io:443

Decision evidence

public snapshot
AI called this Malicious at 95.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for policy block
  • package.json defines postinstall: node dist/bin.js init; node dist/bin.js init-project.
  • dist/bin.js init calls updateOpenCodeConfigs; init-project calls writeProjectBoosterConfig on project root/current cwd.
  • dist/config-installer.js writes/updates opencode.json and tui.json plugin arrays with @hallaxius/nim-booster.
  • dist/config-installer.js writes default ~/.config/opencode/nim-booster/config.json and project booster.json during lifecycle.
  • dist/opencode-runtime-paths.js resolves configDir under user home/AppData/XDG opencode directory.
Evidence against
  • No child_process, eval/vm/Function, native binary, or obfuscated staged payload found in inspected entrypoints.
  • Network code is package-aligned Webshare proxy API use and appears gated by runtime proxy configuration.
  • README.md documents that postinstall modifies OpenCode configs and creates project config.
Behavioral surface
Source: Crypto, Environment Vars, Filesystem, Network
Supply chain: Url Strings
Manifest: No manifest risk signals triggered.
scanned 29 file(s), 133 KB of source, external domains: opencode.ai, proxy.webshare.io

Source & flagged code

2 flagged
package.json
scripts.postinstall = node dist/bin.js init 2>/dev/null; node dist/bin.js init-project 2>/dev/null || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node dist/bin.js init 2>/dev/null; node dist/bin.js init-project 2>/dev/null || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.
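
What "needs review" looks like in practice: split the hook's shell string into the commands that actually run, compare the whole string against a static allowlist of benign build steps, and escalate when the hook executes the package's own JavaScript. The postinstall shown above also wraps every command in `2>/dev/null` and ends in `|| true`, so a failed or refused registration attempt never surfaces in npm output. The block below is an added example written for this review, not the scanner's allowlist or the package's code; the allowlist contents are an illustrative assumption, and the two manifests are constructed (the first carries the postinstall string shown above).

```javascript
// Added example, not the scanner's own allowlist or the package's code.
// Triage of install-time lifecycle scripts from a package.json.

const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Exact hook strings accepted without review (assumed; tune per organisation).
const ALLOWLIST = new Set(['node-gyp rebuild', 'prebuild-install || node-gyp rebuild']);

// Split on ; && || and drop redirections such as 2>/dev/null so that the
// remaining tokens are the commands that actually run.
function splitCommands(script) {
  return script
    .split(/\s*(?:;|&&|\|\|)\s*/)
    .map((c) => c.replace(/\s*\d?[<>]{1,2}\s*\S+/g, '').trim())
    .filter(Boolean);
}

// One finding per install-time hook present in the manifest.
function triageLifecycle(manifest) {
  const scripts = (manifest && manifest.scripts) || {};
  const findings = [];
  for (const hook of LIFECYCLE_HOOKS) {
    if (!(hook in scripts)) continue;
    const raw = String(scripts[hook]).trim();
    if (ALLOWLIST.has(raw)) {
      findings.push({ hook, severity: 'low', commands: [raw], reason: 'allowlisted build step', silenced: false });
      continue;
    }
    // `|| true` / `; true` only hide failures; they are not real work.
    const commands = splitCommands(raw).filter((c) => c !== 'true');
    const runsOwnJs = commands.some((c) => /^node\s+\S+\.[cm]?js\b/.test(c));
    const silenced = /2>\s*\/dev\/null|\|\|\s*true\s*$/.test(raw);
    findings.push({
      hook,
      commands,
      severity: runsOwnJs ? 'high' : 'medium',
      reason: runsOwnJs ? 'runs package JavaScript at install time' : 'not allowlisted; needs manual review',
      silenced,
    });
  }
  return findings;
}

// Constructed manifests: the first carries the postinstall string from the
// flagged package.json, the second a native-addon build step the allowlist accepts.
const BOOSTER = {
  name: '@hallaxius/nim-booster',
  version: '1.0.9',
  scripts: {
    postinstall: 'node dist/bin.js init 2>/dev/null; node dist/bin.js init-project 2>/dev/null || true',
    test: 'node --test', // not an install hook, ignored
  },
};
const ADDON = { name: 'some-native-addon', scripts: { install: 'node-gyp rebuild' } };

for (const m of [BOOSTER, ADDON]) {
  for (const f of triageLifecycle(m)) {
    const quiet = f.silenced ? ', errors silenced' : '';
    console.log(`${m.name} ${f.hook}: ${f.severity} (${f.reason}${quiet}) -> ${f.commands.join(' | ')}`);
  }
}
```

Whatever the triage says, the install itself can be made safe to inspect first: `npm install --ignore-scripts` (or `npm config set ignore-scripts true`) unpacks the package without running any of its hooks, after which the commands above can be read and, if wanted, run deliberately.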

Findings

1 High, 3 Medium, 3 Low
  • High: Install Time Lifecycle Scripts (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Network
  • Medium: Environment Vars
  • Low: Scripts Present
  • Low: Filesystem
  • Low: Url Strings