@synsci/openscience@1.2.4

AI Security Review

scanned 14h ago · by lpm-firewall-ai

No confirmed malicious attack surface was found. Residual risk is an install-time global-package mutation plus user-invoked cleanup under the package's own home directory.

Static reason: One or more suspicious static signals were detected.
Trigger: npm global install or openscience CLI invocation
Impact: May remove deprecated @synsci/cli on global install and delete package-owned ~/.openscience support files at CLI runtime.
Mechanism: global package removal and native binary wrapper/launcher
Rationale: The lifecycle hooks and wrapper contain sensitive primitives, but inspected behavior is package-aligned: platform binary verification, same-vendor deprecated CLI removal only for global installs, and CLI-invoked cleanup under ~/.openscience. Because global package removal occurs during install without a separate consent step, warn rather than block.
Evidence:
  • package.json
  • preinstall.mjs
  • postinstall.mjs
  • bin/openscience
  • @synsci/cli global npm package
  • ~/.openscience/package.json
  • ~/.openscience/.gitignore
  • ~/.openscience/bun.lockb
  • ~/.openscience/bunfig.toml
  • ~/.openscience/node_modules
Network endpoints (2):
  • syntheticsciences.ai/install
  • git+https://github.com/synthetic-sciences/openscience.git

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines preinstall and postinstall lifecycle scripts.
  • preinstall.mjs runs `npm rm -g @synsci/cli` during global installs.
  • bin/openscience removes selected files and node_modules under ~/.openscience before launching a binary.
Evidence against
  • postinstall.mjs only resolves/verifies platform optional dependency binaries; no download or remote code execution seen.
  • bin/openscience actions are CLI-invoked and confined to package-aligned paths/fallback binaries.
  • No credential harvesting, exfiltration, AI-agent control-surface writes, persistence, or network calls found.
Behavioral surface
Source: ChildProcess, EnvironmentVars, Filesystem, Shell
Supply chain: No supply-chain packaging signals triggered.
Manifest: No license
scanned 2 file(s), 4.14 KB of source

Source & flagged code

3 flagged

package.json
scripts.preinstall = node ./preinstall.mjs || exit 0
High · Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.preinstall = node ./preinstall.mjs || exit 0
Medium · Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
scripts.postinstall = bun ./postinstall.mjs || node ./postinstall.mjs
Medium · Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High, 3 Medium, 3 Low
  • High · Install Time Lifecycle Scripts · package.json
  • Medium · Ambiguous Install Lifecycle Script · package.json
  • Medium · Ambiguous Install Lifecycle Script · package.json
  • Medium · Environment Vars
  • Low · Scripts Present
  • Low · Filesystem
  • Low · No License