AI Security Review
scanned 42m ago · by lpm-firewall-aiNpm postinstall fetches an unverified remote platform archive, extracts it, and exposes its executable. TLS certificate validation is disabled, so the install-time payload can be substituted by the configured host or a network attacker.
Decision evidence
public snapshot- `package.json` runs `postinstall.mjs` during npm install.
- `postinstall.mjs` invokes `ensurePlatformBinary` unconditionally.
- `platform-bootstrap.mjs` downloads a platform tgz from a fixed IP endpoint.
- HTTPS validation is disabled with `rejectUnauthorized: false`.
- Downloaded archive has no signature or checksum verification before extraction.
- Install code extracts the archive, marks its binary executable, and links `.opencode`/`.oneskills` into package root.
- No credential harvesting, environment enumeration, or exfiltration appears in packaged source.
- No writes outside the package root or its `node_modules` subtree are shown.
- The runtime launcher only resolves and executes the installed platform binary.
Source & flagged code
4 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
platform-bootstrap.mjsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
platform-bootstrap.mjsView on unpkg