AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall-time code downloads the platform CLI binary from a version-pinned release URL. It writes only `bin/treeship.partial` and, after checksum verification, `bin/treeship`; no confirmed malicious behavior is established.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall
Impact
Installs the package-aligned Treeship CLI executable only after the bundled checksum matches.
Mechanism
download-and-SHA-256-verify platform binary
Rationale
The install hook is a package-aligned binary bootstrapper with a bundled integrity hash and fail-closed verification. Source inspection found no concrete exfiltration, destructive action, remote code execution beyond the verified installed CLI binary, or control-surface mutation.
Evidence
package.jsonpostinstall.jsexpected-checksum.txtbinary.jsREADME.mdbin/treeship.partialbin/treeship
Network endpoints1
github.com/zerkerlabs/treeship/releases/download/v0.19.1/treeship-darwin-aarch64
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- `package.json` runs `node postinstall.js` during installation.
- `postinstall.js` downloads a native executable and makes it executable in `bin/treeship`.
Evidence against
- `postinstall.js` uses a version-pinned GitHub Releases URL.
- `expected-checksum.txt` ships a valid SHA-256 digest.
- Downloaded bytes are SHA-256 verified before rename and chmod.
- Checksum mismatch, malformed checksum, HTTP errors, and timeouts abort installation.
- No credential/env harvesting, shell execution, eval, persistence, or AI-agent configuration writes found.
Behavioral surface
CryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings