registry  /  @mattfillipe/diffler  /  0.2.7

@mattfillipe/diffler@0.2.7

Terminal code review for AI coding agents

AI Security Review

scanned 8d ago · by lpm-firewall-ai

The package is a thin npm wrapper that downloads and executes its own platform-specific diffler binary. This is a supply-chain trust surface but source inspection did not show malicious behavior in the JavaScript wrapper.

Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall or running the diffler CLI
Impact
Installs and runs a package-aligned native executable; no confirmed exfiltration or destructive behavior in inspected source
Mechanism
download, extract, install, and execute platform CLI binary
Rationale
Static inspection shows install-time binary fetching and later execution, but the code is transparent and aligned with the CLI package purpose. No concrete credential theft, exfiltration, persistence, destructive action, or AI-agent control-surface mutation was found.
Evidence
package.jsoninstall.jslib/resolve.jsbin/diffler.jsbin/difflerbin/diffler.exeos.tmpdir()/diffler-*
Network endpoints2
github.com/matheusfillipe/diffler/releases/downloadprocess.env.DIFFLER_DOWNLOAD_BASE

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json defines postinstall: node install.js
  • lib/resolve.js downloads a platform archive from GitHub releases or DIFFLER_DOWNLOAD_BASE
  • lib/resolve.js extracts archive with tar or PowerShell and copies executable into bin/diffler
  • bin/diffler.js executes resolved binary with caller args via spawnSync
Evidence against
  • Network endpoint is package-aligned: https://github.com/matheusfillipe/diffler/releases/download
  • No credential, env, home directory, or project file harvesting found
  • No obfuscation, eval/vm/Function, dynamic require, persistence, or destructive logic found
  • postinstall appears to install the package's own CLI binary, with lazy fetch on first CLI run
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 5.50 KB of source, external domains: github.com

Source & flagged code

4 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
bin/diffler.jsView file
6L7: const { spawnSync } = require("node:child_process"); L8: const { ensureBinary } = require("../lib/resolve.js");
High
Child Process

Package source references child process execution.

bin/diffler.jsView on unpkg · L6
lib/resolve.jsView file
10const path = require("node:path"); L11: const http = require("node:http"); L12: const https = require("node:https"); L13: const { execFileSync } = require("node:child_process"); L14: ... L16: const BASE = L17: process.env.DIFFLER_DOWNLOAD_BASE || L18: `https://github.com/${REPO}/releases/download`;
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

lib/resolve.jsView on unpkg · L10

Findings

3 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processbin/diffler.js
HighSame File Env Network Executionlib/resolve.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings