AI Security Review
scanned 4h ago · by lpm-firewall-aiThe package has an install-time remote binary installer, so reviewed source cannot verify the executable that users will run. No confirmed credential exfiltration or install-time AI-agent config mutation appears in the packaged JS source.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; later user invokes swapdex CLI
Impact
Unverified remote binary becomes the installed CLI; behavior of that binary is not auditable from this package source alone.
Mechanism
postinstall downloads and extracts a prebuilt executable
Rationale
This is not confirmed malicious from source inspection, but install-time retrieval of an unaudited executable that will manage AI CLI credentials is a real unresolved supply-chain risk. The JS source shows no concrete exfiltration, destructive behavior, or unconsented install-time mutation of Claude/Codex state.
Evidence
package.jsoninstall.jsbin/swapdex.jsREADME.mdbin/swapdex/tmp/swapdex-${target}.tar.gz
Network endpoints1
github.com/youdie006/swapdex/releases/download/v${version}/swapdex-${target}.tar.gz
Decision evidence
public snapshotAI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node install.js
- install.js downloads platform tar.gz from GitHub release during npm install
- install.js extracts archive into bin/ and chmods bin/swapdex executable
- Downloaded binary is not present in package and no checksum/signature verification is implemented
Evidence against
- No install-time reads of ~/.codex, ~/.claude, env secrets, or npm credentials in inspected JS
- bin/swapdex.js only spawns bin/swapdex when user runs the CLI
- Network endpoint is first-party GitHub release URL matching package repo/version
- README discloses local credential switching behavior and plaintext local store
Behavioral surface
ChildProcessFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings