registry  /  @trumbodev/cli  /  3.0.56

@trumbodev/cli@3.0.56

Autonomous coding agent CLI - capable of creating/editing files, running commands, using the browser, and more

AI Security Review

scanned 1h ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The install hook only caches the first-party compiled CLI binary for runtime use, and the bin wrapper resolves and runs that binary when the user invokes trumbo.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user runs trumbo bin entrypoint
Impact
Installs and executes the Trumbo CLI binary; no source evidence of exfiltration, persistence beyond package cache, or control-surface hijack
Mechanism
first-party platform binary resolution and cache copy
Rationale
Static inspection shows a normal native-binary npm wrapper with an install-time cache copy, not a malicious install chain. Suspicious primitives are package-aligned and there is no evidence of credential theft, remote execution, destructive behavior, or AI-agent control hijacking.
Evidence
package.jsonpostinstall.mjslocal-binary-cache.mjsbin/trumbobin/trumbo.cmdbin/.trumbo~/.trumbo/bin/trumbo%LOCALAPPDATA%/Trumbo/bin/trumbo.exe

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json defines postinstall: node ./postinstall.mjs || true
  • postinstall.mjs copies platform binary to a local runtime cache and bin/.trumbo
  • bin/trumbo executes a resolved platform binary with inherited environment
  • bin/trumbo honors TRUMBO_BIN_PATH override when user runs the CLI
Evidence against
  • No network code in package source beyond README/repository URLs
  • No credential/env harvesting or exfiltration found
  • No eval/vm/Function or remote payload loading found
  • postinstall resolves only @trumbodev/cli platform optionalDependencies
  • Filesystem writes are package-aligned binary cache paths for CLI execution
  • No AI-agent config/control-surface mutation found
Behavioral surface
Source
EnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 4.97 KB of source

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = node ./postinstall.mjs || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node ./postinstall.mjs || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
bin/trumbo.cmdView file
path = bin/trumbo.cmd kind = build_helper sizeBytes = 507 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

bin/trumbo.cmdView on unpkg

Findings

1 High3 Medium2 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
MediumShips Build Helperbin/trumbo.cmd
LowScripts Present
LowFilesystem