AI Security Review
scanned 7d ago · by lpm-firewall-aiThe package has a conventional native-binary installer surface but no confirmed malicious behavior. Install downloads a versioned platform binary into the package bin directory; runtime CLI delegates to that binary.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user invoking ocv runs bin/ocv.
Impact
Installs and later executes a package-owned binary; no exfiltration, persistence, destructive behavior, or foreign control-surface mutation found in source.
Mechanism
platform-specific GitHub release binary download and CLI wrapper execution
Rationale
Static source inspection shows a package-aligned postinstall binary downloader and wrapper, not credential theft, remote code execution beyond its advertised binary install, or AI-agent hijacking. The scanner signals are explained by the lifecycle installer and environment override variables used for this CLI package.
Evidence
package.jsonpostinstall.cjsbin/ocvREADME.mdbin/.ocvbin/.ocv.exe
Network endpoints1
github.com/leohenon/opencode-vim/releases/download
Decision evidence
public snapshotAI called this Clean at 84.0% confidence as Benign with medium false-positive risk.
Evidence for block
- package.json defines postinstall: node ./postinstall.cjs.
- postinstall.cjs downloads a platform binary and writes bin/.ocv or bin/.ocv.exe with mode 0755.
- bin/ocv executes the downloaded binary or user-provided OCV_BIN_PATH via spawnSync.
Evidence against
- Download URL is package-aligned: github.com/leohenon/opencode-vim/releases/download/v<version>/<asset>.
- No credential/env harvesting beyond npm_package_version, OCV_RELEASE_BASE_URL, OCV_BIN_PATH.
- No broad file traversal, persistence, destructive commands, obfuscation, or AI-agent control-surface writes found.
- Network access is limited to fetching versioned release assets during install.
- README describes expected purpose: ocv OpenCode fork with vim keybindings.
Behavioral surface
ChildProcessEnvironmentVarsFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node ./postinstall.cjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node ./postinstall.cjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings