registry  /  @paulnsorensen/hallouminate-nightly  /  0.0.0-experimental.16.1

@paulnsorensen/hallouminate-nightly@0.0.0-experimental.16.1

EXPERIMENTAL rolling build of paulnsorensen/hallouminate off main — NOT the official `hallouminate` package

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Postinstall obtains and installs a remote executable whose contents are not fixed by the npm package. The package launcher subsequently executes that executable.

Static reason
One or more suspicious static signals were detected.
Trigger
npm installation runs postinstall; invoking `hallouminate` runs the installed binary.
Impact
A compromised or changed nightly release/checksum can cause arbitrary code execution on install or CLI use.
Mechanism
remote nightly binary download, checksum fetch, extraction, and execution
Rationale
The package implements an install-time remote executable bootstrap with no package-embedded or independently pinned artifact digest. That is a real supply-chain risk but not proof of present malicious intent.
Evidence
package.jsoninstall.jsrun.jsbin/hallouminate
Network endpoints2
github.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-${target}.tar.xzgithub.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-${target}.tar.xz.sha256

Decision evidence

public snapshot
AI called this Suspicious at 90.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` runs `node install.js` via postinstall.
  • `install.js` downloads a rolling `nightly` archive during installation.
  • Checksum is fetched from the same release location, not pinned in package source.
  • `install.js` extracts the archive into `bin/` and marks `bin/hallouminate` executable.
  • `run.js` executes the downloaded binary with inherited stdio.
Evidence against
  • No credential, environment, or local-file harvesting appears in inspected source.
  • No AI-agent configuration writes, persistence hooks, or destructive actions appear.
  • Downloads require HTTPS and include redirect and timeout limits.
  • Archive SHA-256 is verified before extraction.
Behavioral surface
Source
ChildProcessCryptoFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 7.46 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings