AI Security Review
scanned 5d ago · by lpm-firewall-aiInstallation fetches an executable selected by host platform and architecture. The CLI subsequently executes that downloaded executable. No source evidence shows credential theft, destructive actions, or foreign AI-agent configuration mutation.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install triggers `postinstall`; running `ocv` triggers the downloaded binary.
Impact
A compromised or replaced release asset could run arbitrary code as the installing or CLI user.
Mechanism
remote native-binary download followed by CLI execution
Rationale
The package creates an unresolved supply-chain execution risk by downloading and later launching an unverified executable during installation. Source inspection does not establish concrete malicious behavior, so blocking is not justified.
Evidence
package.jsonpostinstall.cjsbin/ocvbin/.ocv
Network endpoints1
github.com/leohenon/opencode-vim/releases/download
Decision evidence
public snapshotAI called this Suspicious at 88.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `postinstall` during npm installation.
- `postinstall.cjs` downloads a platform-specific executable and writes `bin/.ocv`.
- Downloaded release assets have no checksum, signature, or integrity verification.
- `bin/ocv` executes the downloaded binary with user CLI arguments.
Evidence against
- No credential harvesting, environment exfiltration, or destructive file operations found.
- Network target defaults to the package-aligned GitHub releases path.
- The launcher only executes the installed `bin/.ocv` or an explicitly supplied `OCV_BIN_PATH`.
Behavioral surface
ChildProcessEnvironmentVarsFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node ./postinstall.cjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node ./postinstall.cjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings