AI Security Review
scanned 2h ago · by lpm-firewall-aiPostinstall obtains and installs a remote executable whose contents are not fixed by the npm package. The package launcher subsequently executes that executable.
Static reason
One or more suspicious static signals were detected.
Trigger
npm installation runs postinstall; invoking `hallouminate` runs the installed binary.
Impact
A compromised or changed nightly release/checksum can cause arbitrary code execution on install or CLI use.
Mechanism
remote nightly binary download, checksum fetch, extraction, and execution
Rationale
The package implements an install-time remote executable bootstrap with no package-embedded or independently pinned artifact digest. That is a real supply-chain risk but not proof of present malicious intent.
Evidence
package.jsoninstall.jsrun.jsbin/hallouminate
Network endpoints2
github.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-${target}.tar.xzgithub.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-${target}.tar.xz.sha256
Decision evidence
public snapshotAI called this Suspicious at 90.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `node install.js` via postinstall.
- `install.js` downloads a rolling `nightly` archive during installation.
- Checksum is fetched from the same release location, not pinned in package source.
- `install.js` extracts the archive into `bin/` and marks `bin/hallouminate` executable.
- `run.js` executes the downloaded binary with inherited stdio.
Evidence against
- No credential, environment, or local-file harvesting appears in inspected source.
- No AI-agent configuration writes, persistence hooks, or destructive actions appear.
- Downloads require HTTPS and include redirect and timeout limits.
- Archive SHA-256 is verified before extraction.
Behavioral surface
ChildProcessCryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings