registry  /  blueprint-tsa  /  1.2.0

blueprint-tsa@1.2.0

TSA plugin for TON Blueprint

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Installation downloads an unverified Java runtime and TSA analyzer JAR into `~/.tsa`. A later analysis command spawns that downloaded Java binary to run the downloaded JAR; installation itself does not execute the JAR.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
npm postinstall, then a user invokes a TSA analysis command.
Impact
A compromised download endpoint or redirect target can supply code that runs when the package's analyzer is used.
Mechanism
unverified remote binary/JAR staging followed by Java process execution
Rationale
The package is not proven malicious by source, but its install-time unverified remote payload staging and subsequent execution create a material supply-chain execution risk.
Evidence
package.jsondist/install/postinstall.jsdist/install/downloading.jsdist/install/java.jsdist/install/tsa-jar.jsdist/common/analyzer.jsdist/common/constants.jsREADME.md~/.tsa/jre~/.tsa/tsa-cli-v0.5.5.jar
Network endpoints2
api.adoptium.net/v3/binary/latest/17/ga/${adoptiumOS}/${adoptiumArch}/jre/hotspot/normal/eclipsegithub.com/espritoxyz/tsa/releases/download/v0.5.5/tsa-cli.jar

Decision evidence

public snapshot
AI called this Suspicious at 92.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` runs `dist/install/postinstall.js` on installation.
  • `dist/install/postinstall.js` downloads a JRE and TSA JAR without user action.
  • `dist/install/downloading.js` follows arbitrary HTTP(S) redirects and has no checksum verification.
  • `dist/common/analyzer.js` later executes the downloaded JAR with the downloaded Java runtime.
Evidence against
  • No credential, environment, SSH, npmrc, or AI-agent configuration harvesting found in `dist`.
  • No source-observed exfiltration, destructive behavior, stealth persistence, eval, or dynamic require.
  • `README.md` documents the package as a Blueprint/TSA plugin; TON endpoints are used by an explicit fetch command.
Behavioral surface
Source
ChildProcessCryptoFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 36 file(s), 154 KB of source, external domains: api.adoptium.net, github.com, mainnet-v4.tonhubapi.com, testnet-v4.tonhubapi.com, tonsec.dev

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node -e "if (require('fs').existsSync('dist/install/postinstall.js')) require('./dist/install/postinstall.js')"
Critical
Red Install Lifecycle Script

Install-time lifecycle script matches a deterministic static-gate block pattern.

package.jsonView on unpkg
scripts.postinstall = node -e "if (require('fs').existsSync('dist/install/postinstall.js')) require('./dist/install/postinstall.js')"
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg

Findings

1 Critical1 High2 Medium4 Low
CriticalRed Install Lifecycle Scriptpackage.json
HighInstall Time Lifecycle Scriptspackage.json
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings