registry  /  apteva  /  0.24.13

apteva@0.24.13

AI agent platform with multi-thread orchestration, MCP integrations, and dashboard

AI Security Review

scanned 14d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The install hook is a conventional binary downloader for a CLI package, with package-aligned GitHub release URLs and local binary/symlink setup.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user later invokes the apteva bin
Impact
Installs and runs the package's platform binary; no source evidence of credential theft, exfiltration, or destructive behavior
Mechanism
postinstall binary download/extract and CLI shim execution
Rationale
The suspicious primitives are explained by a CLI package that installs release binaries and dispatches to them. Static source inspection found no concrete malicious behavior, exfiltration, prompt/reviewer manipulation, or unconsented AI-agent control-surface mutation.
Evidence
package.jsoninstall.jscli.js~/.apteva/releases/apteva-0.24.13-<platform>-<arch>.tar.gz~/.apteva/versions/0.24.13/~/.apteva/bin/current~/.apteva/bin/apteva~/.apteva/bin/apteva-server~/.apteva/bin/apteva-core./apteva./apteva-server./apteva-core
Network endpoints2
github.com/apteva/apteva/releases/download/v0.24.13/apteva-0.24.13-<platform>-<arch>.tar.gzgithub.com/apteva/apteva/releases/tag/v0.24.13

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json defines postinstall: node install.js.
  • install.js downloads a release tarball from github.com/apteva/apteva and extracts it with tar during install.
  • install.js falls back to execSync('go build -o apteva .') in package dir, but package files list contains no Go source.
Evidence against
  • Only package files are package.json, cli.js, install.js, README.md; no hidden payload files found by rg --files.
  • install.js network endpoint is package-aligned GitHub releases for apteva/apteva v0.24.13.
  • install.js writes binaries/tarball under ~/.apteva and package install dir for CLI setup; no credential/env harvesting or exfiltration observed.
  • cli.js only resolves installed apteva/apteva-server/apteva-core binaries and spawnSyncs apteva with user CLI args.
  • No eval/vm/Function, obfuscation, persistence beyond CLI symlinks, destructive behavior, or AI-agent control-surface writes found.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 10.1 KB of source, external domains: github.com

Source & flagged code

4 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
install.jsView file
29const http = require("http"); L30: const { execSync } = require("child_process"); L31:
High
Child Process

Package source references child process execution.

install.jsView on unpkg · L29
27const path = require("path"); L28: const https = require("https"); L29: const http = require("http"); L30: const { execSync } = require("child_process"); L31: ... L40: // by hand; both files are short and the shape is fixed. L41: const APTEVA_HOME = process.env.APTEVA_HOME || path.join(os.homedir(), ".apteva"); L42: const VERSIONS_DIR = path.join(APTEVA_HOME, "versions");
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

install.jsView on unpkg · L27

Findings

4 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processinstall.js
HighShell
HighSame File Env Network Executioninstall.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings