AI Security Review
scanned 10d ago · by lpm-firewall-aiThe package has an install-time native binary downloader. The reviewed JS installs package-aligned release artifacts into its own package directory, but the downloaded executable payload is not present in the source package for static inspection.
Decision evidence
public snapshot- package.json defines postinstall: node ./install.js
- install.js calls binary.install(false) during npm install
- binary.js builds a GitHub release artifact URL from artifactDownloadUrl and platform artifactName
- binary-install.js downloads the artifact with axios and extracts it with tar/unzip
- binary-install.js installs executable files under node_modules/.bin_real
- No credential, env, or filesystem harvesting found in JS sources
- No exfiltration endpoints beyond package-aligned GitHub release download
- No eval/vm/Function or dynamic remote JS execution found
- No AI-agent control-surface writes in install-time JS
- README describes .claude/.agents skill installation as user-invoked CLI behavior
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
binary-install.jsView on unpkg · L92