registry  /  @linghun/cli  /  0.1.12

@linghun/cli@0.1.12

AI Security Review

scanned 12d ago · by lpm-firewall-ai

No confirmed malicious attack surface in inspected source. The lifecycle hook is limited to executable permission fixes for bundled/package-aligned binaries, and broader AI-agent capabilities are exposed through explicit CLI/TUI commands.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user invokes linghun CLI commands
Impact
No credential exfiltration, persistence, destructive action, or unconsented foreign agent control mutation confirmed
Mechanism
chmod package executables and run package-aligned CLI
Rationale
Static inspection found a package-aligned CLI whose postinstall only fixes executable permissions and whose sensitive model/API-key handling is user-invoked and masked. Scanner signals map to expected AI CLI behavior rather than concrete malware or unconsented lifecycle control-surface mutation.
Evidence
package.jsonscripts/postinstall.cjsdist/main.jsbundled/* package executable paths when presentoptional @linghun/* package executable paths when present

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json defines postinstall lifecycle hook
  • dist/main.js offers user-invoked headless mode with autoApprove default true
  • dist/main.js reads prompt files/stdin and project settings during explicit CLI commands
Evidence against
  • scripts/postinstall.cjs only chmods package/optional @linghun executables if present
  • No install-time writes to foreign AI-agent control surfaces found
  • No fetch/http/WebSocket or exfiltration endpoint in inspected package files
  • API keys are reported masked in model doctor output
  • Runtime imports are package dependencies under @linghun and are command-triggered
Behavioral surface
Source
CryptoEnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 25.6 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall.cjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/postinstall.cjs
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
LowScripts Present
LowFilesystem