registry  /  @whalent/agent  /  0.3.197

@whalent/agent@0.3.197

Stable wrapper for Whalent Agent core runtime

AI Security Review

scanned 11d ago · by lpm-firewall-ai

No confirmed malicious install-time attack surface was established. The runtime CLI is an obfuscated AI agent wrapper/daemon that uses network, child processes, and package self/core update behavior when explicitly invoked.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
npm install runs a Node version check; whalent CLI execution starts wrapper/core agent behavior
Impact
Potentially broad user-authorized agent/daemon capabilities, but no concrete malicious exfiltration or persistence beyond package purpose was confirmed
Mechanism
user-invoked AI agent wrapper with npm registry update/install logic
Rationale
The scanner's lifecycle concern is not substantiated by source inspection: the preinstall hook is a simple Node version gate. The obfuscated runtime has high-risk agent and update capabilities, but they are user-invoked and package-aligned with no confirmed malicious payload or exfiltration path.
Evidence
package.jsonscripts/preinstall-check.cjsdist/index.cjsdist/core.cjs
Network endpoints2
registry.npmjs.orgregistry.npmmirror.com

Decision evidence

public snapshot
AI called this Suspicious at 72.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json has preinstall: node scripts/preinstall-check.cjs
  • dist/index.cjs and dist/core.cjs are heavily obfuscated bundled CLI files
  • dist/index.cjs performs runtime npm registry probing and can install/update @whalent/agent or @whalent/agent-core when the CLI is run
  • dist/core.cjs contains expected agent gateway/terminal/AI-provider control code with child_process, fs, ws/undici-style behavior
Evidence against
  • scripts/preinstall-check.cjs only checks Node major version and prints an install hint; no network, file write, shell, or agent-control mutation
  • No install-time credential harvesting or exfiltration found in inspected lifecycle hook
  • Runtime network and process control are aligned with a user-invoked Whalent AI agent/daemon CLI
  • Auto-update/install paths target the same @whalent packages through npm registries, not an unrelated payload host
  • No prompt/reviewer manipulation or package-review instruction injection found in package files
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystem
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 2 file(s), 304 KB of source, external domains: registry.npm, registry.npmjs.org
Oversized source lightweight scan
dist/core.cjs4.48 MB file, sampled 256 KB
EnvironmentVarsDynamicRequireObfuscatedHighEntropyStringsMinified

Source & flagged code

5 flagged · loading source
package.jsonView file
scripts.preinstall = node scripts/preinstall-check.cjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
dist/index.cjsView file
1#!/usr/bin/env node L2: 'use strict';const a0_0x45069a=a0_0x1bea;(function(_0x3cec3f,_0x136128){const _0x4537a5=a0_0x1bea,_0x3ea021=_0x3cec3f();while(!![]){try{const _0x2ba3b8=parseInt(_0x4537a5(0x1a1))/0...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/index.cjsView on unpkg · L1
1#!/usr/bin/env node L2: 'use strict';const a0_0x45069a=a0_0x1bea;(function(_0x3cec3f,_0x136128){const _0x4537a5=a0_0x1bea,_0x3ea021=_0x3cec3f();while(!![]){try{const _0x2ba3b8=parseInt(_0x4537a5(0x1a1))/0...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.cjsView on unpkg · L1
dist/core.cjsView file
path = dist/core.cjs kind = oversized_source_file sizeBytes = 4696551 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/core.cjsView on unpkg
path = dist/core.cjs kind = oversized_cli_entrypoint sizeBytes = 4696551 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.

dist/core.cjsView on unpkg

Findings

4 High4 Medium6 Low
HighInstall Time Lifecycle Scriptspackage.json
HighObfuscated Payload Loaderdist/index.cjs
HighObfuscated
HighOversized Source Filedist/core.cjs
MediumDynamic Requiredist/index.cjs
MediumEnvironment Vars
MediumOversized Cli Entrypointdist/core.cjs
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License