AI Security Review
scanned 2m ago · by lpm-firewall-aiPostinstall downloads a platform-specific native executable from the project's GitHub nightly release, verifies a colocated checksum, and extracts it under the package directory. Runtime launches that extracted executable. No source-confirmed credential theft, persistence, or AI-agent control-surface mutation exists.
Static reason
One or more suspicious static signals were detected.
Trigger
npm installation triggers `postinstall`; invoking `hallouminate` triggers the extracted binary.
Impact
A mutable remote nightly artifact executes after install; its contents are not inspectable in this package source.
Mechanism
Verified-at-install native nightly binary bootstrapper.
Rationale
The source is a transparent install-time remote native-binary bootstrapper, creating a real unresolved supply-chain execution risk but no concrete malicious behavior. Downgrade to warn rather than block.
Evidence
package.jsoninstall.jsrun.jsbin/hallouminate
Network endpoints1
github.com/paulnsorensen/hallouminate/releases/download/nightly/
Decision evidence
public snapshotAI called this Suspicious at 86.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `node install.js` at postinstall.
- `install.js` downloads a nightly archive and executes system `tar` to unpack it.
- The checksum is fetched from the same mutable nightly release location as the archive.
- `run.js` launches the downloaded native binary.
Evidence against
- Only three source files are present; no hidden bundled payload was found.
- `install.js` uses a fixed GitHub release URL, HTTPS-only redirects, a timeout, and SHA-256 verification.
- No environment/credential harvesting, exfiltration, agent-config writes, eval, or shell interpolation appears in inspected source.
- Writes are confined to package-local `bin/hallouminate`; `run.js` only forwards CLI arguments and signals.
Behavioral surface
ChildProcessCryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings