AI Security Review
scanned 3h ago · by lpm-firewall-ai
The package is a binary-wrapper CLI that downloads a release archive during postinstall and later executes the extracted seg binary. This is a supply-chain risk pattern, but the source does not show concrete malicious behavior.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user invoking seg runs cli.js
Impact
Installs and executes an opaque native binary from the package owner's GitHub release; no confirmed exfiltration or persistence in reviewed JS source.
Mechanism
platform-specific GitHub release binary download and wrapper execution
Rationale
Static source inspection shows an install-time downloader and native binary launcher, but the endpoint is package-aligned and there is no source evidence of credential theft, persistence, destructive behavior, or AI-agent control-surface mutation. Treat as a risky binary-wrapper pattern rather than confirmed malware.
Evidence
- package.json
- install.js
- cli.js
- bin/
- bin/x86_64-unknown-linux-gnu.tar.gz
- bin/x86_64-apple-darwin.tar.gz
- bin/aarch64-apple-darwin.tar.gz
- bin/x86_64-pc-windows-msvc.zip
- bin/seg
- bin/seg.exe
Network endpoints (1)
- github.com/Shadowdara/seg/releases/download/v${version}/${asset}
Decision evidence
public snapshot: AI called this Suspicious (category: Unknown) at 72.0% confidence with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node install.js, so install time code runs automatically.
- install.js downloads a platform archive from GitHub releases and extracts it into bin/.
- cli.js executes the downloaded bin/seg or bin/seg.exe via spawnSync when the seg command is invoked.
Evidence against
- install.js URL is package-aligned: https://github.com/Shadowdara/seg/releases/download/v${version}/${asset}.
- No credential, environment, or user file harvesting found in package source.
- No AI-agent config or broad control-surface writes found.
- Network use is limited to fetching the package's release asset; no exfiltration endpoint seen.
- Extracted package contains only package.json, cli.js, install.js, README.md, and LICENSE.
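The evidence for and against above is essentially a static triage: an install-time lifecycle script, a literal download URL checked for alignment with the package's repository, and a child-process launch of the fetched binary. The script below is an added example (not the scanner's code and not the seg package's source) that reproduces those three signals from package contents alone. The package.json, install.js and cli.js bodies are constructed stand-ins that mirror the review's description; only the package name, the repository owner and the release URL are taken from the page. The "foreign host" variant is also constructed, to show the case the review would treat as a stronger warning than a package-aligned fetch.

```javascript
// Added example (not part of the review or the seg package): minimal static
// triage of an npm package's install-time behaviour. Everything runs offline on
// the constructed inputs below; no network or filesystem access is performed.

const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Constructed stand-in for the reviewed package. Name, repository owner and the
// release URL follow the review; file bodies are assumed, not the real source.
const SAMPLE_FILES = {
  "package.json": JSON.stringify({
    name: "seg",
    version: "0.0.0",
    scripts: { postinstall: "node install.js" },
    repository: { type: "git", url: "https://github.com/Shadowdara/seg.git" },
  }),
  "install.js": [
    'const https = require("https");',
    "const url = `https://github.com/Shadowdara/seg/releases/download/v${version}/${asset}`;",
    "// ...download the archive, then extract it into bin/",
  ].join("\n"),
  "cli.js": [
    'const { spawnSync } = require("child_process");',
    'const bin = process.platform === "win32" ? "bin/seg.exe" : "bin/seg";',
    'spawnSync(bin, process.argv.slice(2), { stdio: "inherit" });',
  ].join("\n"),
};

// Constructed variant whose download host does not match the repository field.
const FOREIGN_HOST_FILES = {
  ...SAMPLE_FILES,
  "install.js": 'const url = "https://cdn.example.invalid/seg/latest.tar.gz";',
};

// Derive "owner/repo" from package.json's repository field (object or shorthand).
function repoSlug(pkg) {
  const repo = pkg.repository;
  const raw = typeof repo === "string" ? repo : repo && repo.url;
  if (!raw) return null;
  const m = raw.match(/github(?:\.com)?[/:]([^/\s]+)\/([^/\s]+?)(?:\.git)?\/?$/i);
  return m ? `${m[1]}/${m[2]}` : null;
}

// Pull literal URL strings out of a source file; template placeholders are kept as-is.
function findUrls(src) {
  return src.match(/https?:\/\/[^\s'"`)<>]+/g) || [];
}

function triagePackage(files) {
  const pkg = JSON.parse(files["package.json"]);
  const slug = repoSlug(pkg);
  const findings = [];

  // Install-time lifecycle scripts run automatically on `npm install`.
  for (const hook of INSTALL_HOOKS) {
    if (pkg.scripts && pkg.scripts[hook]) {
      findings.push({ severity: "high", id: "install-lifecycle-script",
        file: "package.json", detail: `${hook}: ${pkg.scripts[hook]}` });
    }
  }

  for (const [file, src] of Object.entries(files)) {
    if (file === "package.json") continue;

    // A download is "package-aligned" when it points under the declared GitHub repo.
    for (const url of findUrls(src)) {
      const m = url.match(/^https?:\/\/([^/]+)(\/.*)?$/);
      const host = m ? m[1].toLowerCase() : "";
      const path = (m && m[2]) || "/";
      const aligned = host === "github.com" && slug !== null && path.startsWith(`/${slug}/`);
      findings.push({
        severity: aligned ? "medium" : "high",
        id: aligned ? "network-package-aligned" : "network-foreign-host",
        file, detail: url,
      });
    }

    // Spawning the fetched binary is the execution half of the wrapper pattern.
    if (/child_process/.test(src) &&
        /\b(spawn|spawnSync|exec|execSync|execFile|execFileSync)\b/.test(src)) {
      findings.push({ severity: "medium", id: "child-process", file, detail: "spawns a subprocess" });
    }
  }
  return findings;
}

const RANK = { low: 0, medium: 1, high: 2 };
function worstSeverity(findings) {
  return findings.reduce((w, f) => (RANK[f.severity] > RANK[w] ? f.severity : w), "low");
}

// One-line verdict mirroring the review's reasoning: a foreign download host
// outranks the (still risky) package-aligned binary-wrapper pattern.
function verdict(findings) {
  const ids = new Set(findings.map((f) => f.id));
  if (ids.has("network-foreign-host")) return "foreign-download";
  if (ids.has("install-lifecycle-script") && ids.has("network-package-aligned") && ids.has("child-process")) {
    return "binary-wrapper";
  }
  return "review";
}

for (const files of [SAMPLE_FILES, FOREIGN_HOST_FILES]) {
  const f = triagePackage(files);
  console.log(verdict(f), worstSeverity(f), f.map((x) => `${x.severity}:${x.id}`).join(" "));
}
```

Two caveats the verdict does not capture: URL alignment only shows who controls the download location, and a GitHub release asset can be replaced by anyone with write access to that repository, so the fetched archive is only as trustworthy as the pinned version plus whatever integrity check install.js performs (the review does not say whether one exists). And because the trigger is the postinstall hook, `npm install --ignore-scripts` is the simplest way to inspect such a package without running the downloader at all.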
Behavioral surface
- Child process
- Filesystem
- Network
- URL strings
- No license
Source & flagged code
2 flagged in package.json
- scripts.postinstall = node install.js
  High · Install Time Lifecycle Scripts: Package defines install-time lifecycle scripts.
- scripts.postinstall = node install.js
  Medium · Ambiguous Install Lifecycle Script: Install-time lifecycle script is not statically allowlisted and needs review.
Findings
1 High · 2 Medium · 4 Low
- High · Install Time Lifecycle Scripts (package.json)
- Medium · Ambiguous Install Lifecycle Script (package.json)
- Medium · Network
- Low · Scripts Present
- Low · Filesystem
- Low · Url Strings
- Low · No License