AI Security Review
scanned 3d ago · by lpm-firewall-aiThe package is a lifecycle downloader for a native binary that is not present in the npm tarball. The reviewed JS does not prove malicious behavior, but the installed executable is fetched without integrity verification and later executed by the CLI shim.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user later invokes swapdex
Impact
Unverified release binary can execute with the user's privileges when swapdex is invoked
Mechanism
postinstall remote binary download and CLI execution shim
Attack narrative
On install, install.js selects the current OS/CPU target, downloads a tar.gz from the package author's GitHub release, extracts it into bin/, makes bin/swapdex executable, and removes the temporary archive. The npm CLI entrypoint then executes that downloaded binary. No direct exfiltration or malicious JS behavior is visible, but the binary payload is outside the npm source and lacks integrity verification.
Rationale
Static inspection confirms an unverified install-time remote binary fetch and execution path, which is real unresolved supply-chain risk but not concrete proof of malicious intent. Marking warn is appropriate rather than publish block because the behavior is package-aligned and no credential theft, persistence, or destructive code is present in inspected source.
Evidence
package.jsoninstall.jsbin/swapdex.jsbin/swapdex
Network endpoints1
github.com/youdie006/swapdex/releases/download/v0.1.0/swapdex-${target}.tar.gz
Decision evidence
public snapshotAI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node install.js
- install.js downloads a platform tar.gz from GitHub releases during install
- install.js extracts archive with tar into bin/ and chmods bin/swapdex executable
- bin/swapdex.js runs the downloaded bin/swapdex with forwarded argv/stdio
- No checksum, signature, or pinned integrity validation for the downloaded binary
Evidence against
- Remote URL is package-aligned to github.com/youdie006/swapdex releases
- JS source shows no env/credential harvesting or exfiltration logic
- No obfuscation, eval/vm/Function, persistence, or destructive behavior found in package JS
- Network use is limited to release download in install.js
Behavioral surface
ChildProcessFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings