@shadowdara/seg@0.1.28

seg: The fast cli for samengine

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The package is a binary-wrapper CLI that downloads a release archive during postinstall and later executes the extracted seg binary. This is a supply-chain risk pattern but the source does not show concrete malicious behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user invoking seg runs cli.js
Impact
Installs and executes an opaque native binary from the package owner's GitHub release; no confirmed exfiltration or persistence in reviewed JS source.
Mechanism
platform-specific GitHub release binary download and wrapper execution
Rationale
Static source inspection shows an install-time downloader and native binary launcher, but the endpoint is package-aligned and there is no source evidence of credential theft, persistence, destructive behavior, or AI-agent control-surface mutation. Treat as a risky binary-wrapper pattern rather than confirmed malware.
Evidence
  • package.json
  • install.js
  • cli.js
  • bin/
  • bin/x86_64-unknown-linux-gnu.tar.gz
  • bin/x86_64-apple-darwin.tar.gz
  • bin/aarch64-apple-darwin.tar.gz
  • bin/x86_64-pc-windows-msvc.zip
  • bin/seg
  • bin/seg.exe
Network endpoints (1)
  • github.com/Shadowdara/seg/releases/download/v${version}/${asset}

Decision evidence

public snapshot
AI called this Suspicious at 72.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node install.js, so install time code runs automatically.
  • install.js downloads a platform archive from GitHub releases and extracts it into bin/.
  • cli.js executes the downloaded bin/seg or bin/seg.exe via spawnSync when the seg command is invoked.
Evidence against
  • install.js URL is package-aligned: https://github.com/Shadowdara/seg/releases/download/v${version}/${asset}.
  • No credential, environment, or user file harvesting found in package source.
  • No AI-agent config or broad control-surface writes found.
  • Network use is limited to fetching the package's release asset; no exfiltration endpoint seen.
  • Extracted package contains only package.json, cli.js, install.js, README.md, and LICENSE.
Behavioral surface
  • Source: ChildProcess, Filesystem, Network
  • Supply chain: Url Strings
  • Manifest: No License
scanned 2 file(s), 2.65 KB of source, external domains: github.com

Source & flagged code

2 flagged

package.json
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High · 2 Medium · 4 Low
  • High: Install Time Lifecycle Scripts (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Network
  • Low: Scripts Present
  • Low: Filesystem
  • Low: Url Strings
  • Low: No License