registry  /  @paulnsorensen/hallouminate-nightly  /  0.0.0-experimental.8.1

@paulnsorensen/hallouminate-nightly@0.0.0-experimental.8.1

EXPERIMENTAL rolling build of paulnsorensen/hallouminate off main — NOT the official `hallouminate` package

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Install-time lifecycle code retrieves a mutable native payload and drops it into the package directory. The launcher executes that payload when the user invokes `hallouminate`; no direct source-level exfiltration or agent-control mutation is confirmed.

Static reason
One or more suspicious static signals were detected.
Trigger
`npm install` runs `postinstall`; invoking `hallouminate` runs the extracted binary.
Impact
A compromise or replacement of the upstream nightly release assets can supply executable code to package users.
Mechanism
Remote nightly binary download, same-channel checksum verification, extraction, and launcher execution.
Rationale
The package contains a real install-time remote executable delivery chain with no independent pinned integrity source. The behavior may be intended for a nightly binary wrapper, but its mutable payload channel is unresolved security risk rather than confirmed malicious intent.
Evidence
package.jsoninstall.jsrun.jsbin/hallouminate
Network endpoints2
github.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-<target>.tar.xzgithub.com/paulnsorensen/hallouminate/releases/download/nightly/hallouminate-<target>.tar.xz.sha256

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `package.json` runs `node install.js` in `postinstall`.
  • `install.js` downloads a rolling nightly archive during install.
  • Checksum is downloaded from the same mutable release channel as the archive.
  • `install.js` extracts a native executable to `bin/hallouminate`.
  • `run.js` later spawns the downloaded executable with user arguments.
Evidence against
  • Only `install.js`, `run.js`, and `package.json` are packaged.
  • No credential, environment, or user-file harvesting is present.
  • No AI-agent configuration, persistence, or destructive file mutation is present.
  • Downloads are HTTPS-only with a timeout and archive hash comparison.
Behavioral surface
Source
ChildProcessCryptoFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 7.46 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings