AI Security Review
scanned 2h ago · by lpm-firewall-aiInstallation can download a platform-specific sidecar to `bin/sidecar-slim` when optional dependencies are unavailable. For version 0.7.2, the shipped checksum map lacks a matching entry, so the downloaded executable is retained without integrity verification and is later supplied to native node startup.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install with the platform optional sidecar unavailable, followed by `createMeshNode()`
Impact
A compromised or substituted release asset could become executable through the package runtime path.
Mechanism
postinstall download and retention of an unverified executable sidecar
Rationale
Source inspection confirms a real unverified executable-download path for this exact version. The code is package-aligned and contains no confirmed malicious payload behavior, so warn rather than block.
Evidence
package.jsonscripts/postinstall.cjssidecar-checksums.jsondist/sidecar.jsdist/create-mesh-node.jsbin/sidecar-slim
Network endpoints1
github.com
Decision evidence
public snapshotAI called this Suspicious at 91.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `postinstall`.
- `scripts/postinstall.cjs` downloads a platform binary when optional dependencies are absent.
- `sidecar-checksums.json` has no `0.7.2` checksum entry.
- The fallback warns but still chmods and retains the unverified binary.
- `dist/create-mesh-node.js` passes the resolved sidecar path to native startup.
Evidence against
- No credential, environment, or user-file harvesting found.
- No AI-agent configuration or control-surface writes found.
- Download endpoint is package-aligned GitHub Releases.
- Code deletes the file and fails closed when a checksum exists but mismatches.
- No package-contained executable was present in this archive.
Behavioral surface
ChildProcessCryptoFilesystemNativeBindingsNetworkShell
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node scripts/postinstall.cjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node scripts/postinstall.cjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings