AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall-time code fetches an executable from a GitHub release and stores it in `bin/`. A later explicit CLI invocation runs that unverified executable. No confirmed data-exfiltration or AI-agent control-surface behavior is present.
Static reason
One or more suspicious static signals were detected.
Trigger
`npm install` downloads the binary; running `canary` executes it.
Impact
A compromised or substituted release asset could run arbitrary code when the CLI is invoked.
Mechanism
Unverified install-time remote binary bootstrapper
Rationale
Source confirms an unverified install-time executable download and later execution path. The destination and redirect allowlist look package-aligned, so this is a warning-level staged-payload risk rather than confirmed malware.
Evidence
package.jsonscripts/install.jsbin/canary.jsbin/canarybin/canary.exe
Network endpoints4
github.com/bop-clocktower/canary/releases/download/v5.7.0/canary-{platform}github.comobjects.githubusercontent.comrelease-assets.githubusercontent.com
Decision evidence
public snapshotAI called this Suspicious at 92.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `package.json` defines `postinstall: node scripts/install.js`.
- `scripts/install.js` downloads a platform-specific executable during installation.
- The download has no checksum, signature, or pinned artifact verification.
- `scripts/install.js` writes and marks `bin/canary`/`bin/canary.exe` executable.
- `bin/canary.js` executes the downloaded binary on explicit `canary` use.
Evidence against
- Release URL is fixed to the package's GitHub repository and version.
- Redirects are restricted to three GitHub-owned hosts.
- No credential harvesting, environment collection, AI-agent mutation, or destructive logic appears in inspected files.
- The installer downloads but does not execute the binary during `postinstall`.
Behavioral surface
ChildProcessFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node scripts/install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node scripts/install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings