AI Security Review
scanned 2h ago · by lpm-firewall-aiInstallation retrieves and extracts an externally hosted, rolling nightly binary. The downloaded binary executes only when the user invokes the package CLI; no source-confirmed malicious behavior exists in the JavaScript wrapper.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall downloads the artifact; invoking `hallouminate` starts it.
Impact
A mutable remote release artifact can supply executable code outside the inspected package source.
Mechanism
postinstall remote binary download, checksum fetch, extraction, and CLI launch
Rationale
The package is a postinstall remote-binary bootstrapper with a mutable nightly trust boundary, which is a real supply-chain risk but not evidence of concrete malicious behavior in inspected source.
Evidence
package.jsoninstall.jsrun.jsbin/hallouminate
Network endpoints2
github.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-${target}.tar.xzgithub.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-${target}.tar.xz.sha256
Decision evidence
public snapshotAI called this Suspicious at 86.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `node install.js` via `postinstall`.
- `install.js` downloads a nightly `.tar.xz` executable during install.
- Checksum is fetched from the same mutable release location as the archive.
- HTTPS redirects may target any host, then archive is extracted to `bin/`.
- `run.js` executes the downloaded `bin/hallouminate` binary.
Evidence against
- No environment, credential, or user-file harvesting in inspected files.
- No exfiltration, destructive operations, or AI-agent configuration writes.
- Writes are confined to the package-local `bin/` directory.
- Launcher only forwards arguments and signals to the installed binary.
Behavioral surface
ChildProcessCryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings