registry  /  @spikewang/grok-cli  /  0.1.221

@spikewang/grok-cli@0.1.221

Grok coding agent CLI (fork with macOS/system-proxy support)

AI Security Review

scanned 8h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. Install-time code persists a package-owned Grok executable at `~/.grok/bin/grok-<version>` and updates `~/.grok/bin/grok`. No source-confirmed exfiltration, remote loading, or destructive action is present.

Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall; later explicit `grok` or `grok-cli` invocation.
Impact
Creates and later executes a locally persisted AI-agent CLI binary supplied by an optional platform package.
Mechanism
package-owned binary bootstrap and persistent symlink setup
Rationale
Source inspection confirms an install-time persistent executable bootstrap for a coding-agent CLI. It is package-aligned rather than a confirmed malicious payload, but warrants a warning because installation modifies a user-home execution path.
Evidence
package.jsonbin/postinstall.jsbin/grokREADME.md~/.grok/bin/grok-<version>~/.grok/bin/grok

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • `package.json` runs `node bin/postinstall.js` at install time.
  • `bin/postinstall.js` writes a versioned executable and `grok` symlink under `~/.grok/bin`.
  • `bin/grok` prefers that persistent home-directory binary and spawns it.
Evidence against
  • Postinstall only decompresses/copies the declared optional platform binary; it does not execute it.
  • No credential harvesting, network requests, shell commands, eval, or foreign agent-config writes appear in package source.
  • `bin/grok` runs only when the user invokes the installed CLI and forwards its arguments.
Behavioral surface
Source
Filesystem
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 2.37 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node bin/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node bin/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High1 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present
LowFilesystem