AI Security Review
scanned 8h ago · by lpm-firewall-aiLPM treats this as warn-only first-party agent extension lifecycle risk. Install-time code persists a package-owned Grok executable at `~/.grok/bin/grok-<version>` and updates `~/.grok/bin/grok`. No source-confirmed exfiltration, remote loading, or destructive action is present.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall; later explicit `grok` or `grok-cli` invocation.
Impact
Creates and later executes a locally persisted AI-agent CLI binary supplied by an optional platform package.
Mechanism
package-owned binary bootstrap and persistent symlink setup
Rationale
Source inspection confirms an install-time persistent executable bootstrap for a coding-agent CLI. It is package-aligned rather than a confirmed malicious payload, but warrants a warning because installation modifies a user-home execution path.
Evidence
package.jsonbin/postinstall.jsbin/grokREADME.md~/.grok/bin/grok-<version>~/.grok/bin/grok
Decision evidence
public snapshotAI called this Suspicious at 87.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `package.json` runs `node bin/postinstall.js` at install time.
- `bin/postinstall.js` writes a versioned executable and `grok` symlink under `~/.grok/bin`.
- `bin/grok` prefers that persistent home-directory binary and spawns it.
Evidence against
- Postinstall only decompresses/copies the declared optional platform binary; it does not execute it.
- No credential harvesting, network requests, shell commands, eval, or foreign agent-config writes appear in package source.
- `bin/grok` runs only when the user invokes the installed CLI and forwards its arguments.
Behavioral surface
Filesystem
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node bin/postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node bin/postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High1 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present
LowFilesystem