AI Security Review
scanned 3h ago · by lpm-firewall-aiThe package is a thin npm wrapper that downloads and extracts a native CLI binary at postinstall, then dispatches to it at runtime. This creates supply-chain risk because the binary is fetched without in-package integrity verification, but the endpoint is package-aligned and no malicious JS behavior is visible.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; invoking seg runs cli.js
Impact
Potential execution of an unverified GitHub release binary when the user runs seg; no confirmed malicious behavior in inspected source
Mechanism
postinstall remote binary download and extraction, runtime binary wrapper
Rationale
This is not clean because install-time remote binary download without integrity verification is a real unresolved supply-chain risk. It is not malicious on the inspected source because the network target is package-aligned and no concrete attack behavior is present.
Evidence
package.jsoninstall.jscli.jsREADME.mdbin/bin/{platform-asset}bin/segbin/seg.exe
Network endpoints1
github.com/Shadowdara/seg/releases/download/v0.2.0/{platform-asset}
Decision evidence
public snapshotAI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node install.js
- install.js downloads a platform archive from GitHub releases during install
- install.js extracts the archive with tar or PowerShell Expand-Archive without checksum/signature verification
- cli.js later spawns the downloaded bin/seg or bin/seg.exe with user arguments
Evidence against
- No credential, env, npmrc, SSH, or filesystem harvesting found
- No exfiltration endpoint beyond package-aligned GitHub release download
- No eval/vm/Function or dynamic remote code execution in JS source
- No persistence, destructive behavior, or AI-agent control-surface writes found
- README describes seg as a CLI for samengine, matching the binary-wrapper behavior
Behavioral surface
ChildProcessFilesystemNetwork
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License