AI Security Review
scanned 4d ago · by lpm-firewall-aiInstall-time script fetches the Treeship platform binary and installs it under the package directory after SHA-256 verification. No credential harvesting, exfiltration, persistence, destructive behavior, or AI-agent control-surface mutation was found.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall for @treeship/cli-darwin-arm64@0.18.0
Impact
Installs intended CLI executable into package-local bin/treeship
Mechanism
checksum-verified platform binary download
Rationale
The lifecycle script is an expected platform-binary installer with a package-shipped SHA-256 check and package-aligned GitHub release source. Static inspection found no concrete malicious behavior beyond the normal install-time binary fetch.
Evidence
package.jsonpostinstall.jsbinary.jsexpected-checksum.txtREADME.mdbin/treeship.partialbin/treeship
Network endpoints2
github.com/zerkerlabs/treeship/releases/download/v0.18.0/treeship-darwin-aarch64github.com/zerkerlabs/treeship
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json defines postinstall: node postinstall.js
- postinstall.js downloads an executable from GitHub Releases during install
- postinstall.js writes bin/treeship.partial then renames to bin/treeship and chmods 0755
Evidence against
- Download URL is package-aligned: github.com/zerkerlabs/treeship release for the same VERSION
- expected-checksum.txt contains a 64-hex SHA-256 and postinstall.js aborts on missing/malformed/mismatch
- postinstall.js only uses fs/path/https/crypto; no child_process, eval, env harvesting, or credential paths found
- binary.js only exports the local bin/treeship path
- README.md documents the same binary download and checksum verification behavior
Behavioral surface
CryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings