AI Security Review
scanned 1h ago · by lpm-firewall-ai
The package has an install-time native binary downloader and a CLI shim that runs that binary. Source inspection does not show data theft, persistence, destructive behavior, or AI-agent control hijack, but the fetched binary is outside the npm tarball source reviewed here.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall downloads binary; channel-discord CLI executes it
Impact
Unreviewed native executable is installed and later run by explicit CLI invocation
Mechanism
install-time GitHub release binary download with checksum from same release
Rationale
This is not enough to publish-block: the behavior is package-aligned and lacks concrete exfiltration, persistence, destructive action, or unconsented AI-agent control mutation. It should be warned because install-time fetching of an opaque executable leaves meaningful behavior outside the reviewed npm source.
Evidence
- package.json
- install.js
- bin/run.js
- bin/channel-discord
- bin/channel-discord.exe
Network endpoints (3)
- github.com/deadraid/morphy-releases/releases/download/v0.6.8/<platform-binary>
- github.com/deadraid/morphy-releases/releases/download/v0.6.8/sha256sums.txt
- github.com/deadraid/morphy-releases/releases/tag/v0.6.8
Decision evidence
public snapshot: AI called this Suspicious at 83.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json runs postinstall: node install.js
- install.js downloads a platform executable from GitHub releases into bin/channel-discord or bin/channel-discord.exe
- install.js verifies sha256sums.txt from the same GitHub release, not an independently packaged npm integrity value
- bin/run.js executes the downloaded native binary with user-supplied CLI args
Evidence against
- No credential, env, npmrc, SSH, or filesystem harvesting patterns found
- No AI-agent control-surface writes or prompt/reviewer manipulation found
- Network endpoints are package/repository-aligned GitHub release URLs
- Install writes only inside the package bin directory and chmods the downloaded binary
- No bundled binary payload is present in the package source
Behavioral surface
- Child Process
- Crypto
- Filesystem
- Network
- Url Strings
- No License
Source & flagged code
2 flagged · package.json
• scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.json • scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.json
Findings
1 High · 2 Medium · 4 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Network
- Low: Scripts Present
- Low: Filesystem
- Low: Url Strings
- Low: No License