AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall-time code downloads and unpacks an opaque native bridge into the package directory. The launcher executes that binary only when the user runs `rein`; no confirmed agent-control-surface mutation exists in inspected JavaScript.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall, or explicit `rein` execution when `vendor/rein` is absent
Impact
An uninspected downloaded native binary can run with the invoking user's privileges.
Mechanism
remote native payload download, extraction, and user-invoked execution
Rationale
No concrete malicious behavior is present in the inspected JavaScript, so a block is not justified. However, the install-time remote native payload loader leaves a real opaque-code execution risk warranting a warning.
Evidence
package.jsonscripts/postinstall.mjsbin/rein.jsREADME.mdvendor/reinvendor/spawn-helpervendor/.rein-managed-by
Network endpoints1
github.com/rein-industries/rein/releases/download/v0.1.44
Decision evidence
public snapshotAI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `package.json` runs `scripts/postinstall.mjs` during npm install.
- `scripts/postinstall.mjs` fetches a platform-native tarball, extracts it into `vendor/`, and marks `rein` and `spawn-helper` executable.
- The checksum manifest and payload are both fetched from the same release origin, so shipped JS cannot independently authenticate the binary.
- `bin/rein.js` executes the downloaded `vendor/rein` binary with the caller's arguments.
Evidence against
- The postinstall script does not execute the downloaded binary.
- All filesystem writes are scoped to this package's `vendor/` directory.
- No shipped JavaScript reads credentials, harvests files, exfiltrates data, or modifies AI-agent configuration.
- Downloads are version-pinned by default to the package version and can be disabled with `REINS_SKIP_DOWNLOAD`.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node scripts/postinstall.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node scripts/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License