AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall-time code retrieves an executable payload from GitHub Releases, stores it in the package `bin` directory, and makes it executable. The CLI wrapper later launches that payload with inherited environment variables.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall, then user invocation of `a4`
Impact
A compromised or substituted release payload could execute with the installing user's or CLI user's privileges.
Mechanism
Remote binary bootstrap and execution
Rationale
No direct malicious behavior is present in the inspected JavaScript, but automatic download and execution of a remotely hosted binary is a material unresolved supply-chain capability. This warrants a warning rather than a block because the endpoint is package-aligned and no concrete malicious chain is shown.
Evidence
package.jsonscripts/postinstall.jsbin/a4.jsREADME.mdbin/a4bin/a4.exe
Network endpoints1
github.com
Decision evidence
public snapshotAI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `package.json` runs `node scripts/postinstall.js` during installation.
- `scripts/postinstall.js` downloads a platform binary from GitHub Releases and writes it to `bin/a4` or `bin/a4.exe` with executable permissions.
- The checksum file is fetched from the same release location as the executable, so the package has no independent trust root for the install-time payload.
- `bin/a4.js` executes the downloaded binary and forwards the caller's full environment.
Evidence against
- The installer targets a package-aligned Arete GitHub release URL and only supported platforms.
- The script verifies a SHA-256 checksum and removes the binary when verification fails.
- Inspected JavaScript contains no credential harvesting, unrelated file traversal, agent-control writes, or data exfiltration.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings