registry  /  @paulnsorensen/hallouminate-nightly  /  0.0.0-experimental.6.1

@paulnsorensen/hallouminate-nightly@0.0.0-experimental.6.1

EXPERIMENTAL rolling build of paulnsorensen/hallouminate off main — NOT the official `hallouminate` package

AI Security Review

scanned 2m ago · by lpm-firewall-ai

Postinstall downloads a platform-specific native executable from the project's GitHub nightly release, verifies a colocated checksum, and extracts it under the package directory. Runtime launches that extracted executable. No source-confirmed credential theft, persistence, or AI-agent control-surface mutation exists.

Static reason
One or more suspicious static signals were detected.
Trigger
npm installation triggers `postinstall`; invoking `hallouminate` triggers the extracted binary.
Impact
A mutable remote nightly artifact executes after install; its contents are not inspectable in this package source.
Mechanism
Verified-at-install native nightly binary bootstrapper.
Rationale
The source is a transparent install-time remote native-binary bootstrapper, creating a real unresolved supply-chain execution risk but no concrete malicious behavior. Downgrade to warn rather than block.
Evidence
package.jsoninstall.jsrun.jsbin/hallouminate
Network endpoints1
github.com/paulnsorensen/hallouminate/releases/download/nightly/

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` runs `node install.js` at postinstall.
  • `install.js` downloads a nightly archive and executes system `tar` to unpack it.
  • The checksum is fetched from the same mutable nightly release location as the archive.
  • `run.js` launches the downloaded native binary.
Evidence against
  • Only three source files are present; no hidden bundled payload was found.
  • `install.js` uses a fixed GitHub release URL, HTTPS-only redirects, a timeout, and SHA-256 verification.
  • No environment/credential harvesting, exfiltration, agent-config writes, eval, or shell interpolation appears in inspected source.
  • Writes are confined to package-local `bin/hallouminate`; `run.js` only forwards CLI arguments and signals.
Behavioral surface
Source
ChildProcessCryptoFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 7.46 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings