AI Security Review
scanned 8h ago · by lpm-firewall-aiThe only install-time side effect is a `prepare` hook that invokes Lefthook and can install repository Git hooks. Mutating and release operations exist only in explicitly invoked CLI modes.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
Git/local lifecycle preparation or explicit `inixiative-config sync`/`train` command
Impact
Can add project hook/config files and, when explicitly requested, run dependency, Git, and publish operations.
Mechanism
Prepare-time Git-hook setup; user-invoked project synchronization and release automation
Rationale
Source supports a package-aligned configuration and release CLI, not malware. Per policy, its prepare-only VCS hook installation warrants a warning rather than a block.
Evidence
package.jsondist/cli.jslefthook/base.ymlREADME.mdversions.json
Decision evidence
public snapshotAI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `lefthook install` via `prepare`, which can install Git hooks.
- `dist/cli.js` `sync`/`train` explicitly write project configs and invoke Bun, Git, npm publish.
- `lefthook/base.yml` installs pre-commit typecheck and Biome commands.
Evidence against
- No `preinstall`, `install`, or `postinstall` lifecycle hook.
- CLI execution requires explicit `check`, `sync`, `scan`, or `train` user command.
- No credential/environment harvesting, obfuscated payload, eval, dynamic loading, or non-package network client found.
- Git/npm/Bun operations are fixed command arguments for documented toolchain and release workflows.
- Hook template performs only typecheck and lint commands.
Behavioral surface
ChildProcessFilesystemShell
Source & flagged code
3 flagged · loading sourcedist/cli.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @inixiative/config@0.5.7
matchedIdentity = npm:QGluaXhpYXRpdmUvY29uZmln:0.5.7
similarity = 0.500
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.jsView on unpkg3// src/cli.ts
L4: import { spawnSync as spawnSync2 } from "child_process";
L5: import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs";
High
291level: "error",
L292: message: "bun.lock missing \u2192 run bun install and commit the lockfile"
L293: });
L294: } else {
L295: const ignoreStatus = spawnSync("git", ["check-ignore", "-q", "bun.lock"], {
L296: cwd: dir2
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/cli.jsView on unpkg · L291Findings
1 Critical3 High3 Low
CriticalPrevious Version Dangerous Deltadist/cli.js
HighChild Processdist/cli.js
HighShell
HighRuntime Package Installdist/cli.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem