
clipal@0.20.0

Clipal CLI installer for the local LLM API gateway

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious behavior was identified. The package is a thin npm installer/wrapper for a platform-specific Clipal binary, with SHA-256 checksum validation of the downloaded artifact.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user running clipal invokes the vendor binary
Impact
Installs and executes the Clipal CLI binary when invoked by the user
Mechanism
Downloads a checksum-verified release binary at install time and spawns it as the CLI when the user runs clipal.
Rationale
The install hook and child_process usage are explained by the package purpose: installing a platform-specific CLI binary and wrapping it. Static inspection found no credential harvesting, exfiltration, persistence, destructive behavior, or AI-agent control-surface mutation.
Evidence
  • package.json
  • scripts/postinstall.js
  • bin/clipal.js
  • README.md
  • vendor/clipal
  • vendor/clipal.exe
  • temporary os tmpdir clipal-npm-*
Network endpoints (5)
  • github.com/PAIArtCom/Clipal/releases/download
  • clipal.paiart.com
  • github.com/PAIArtCom/Clipal.git
  • github.com/PAIArtCom/Clipal/issues
  • registry.npmjs.org/

Decision evidence

public snapshot
The AI review rated this package Clean (Benign) at 90.0% confidence, with low false-positive risk.
Evidence for block
  • package.json defines postinstall: node ./scripts/postinstall.js
  • scripts/postinstall.js downloads a platform binary at install time from GitHub Releases or CLIPAL_NPM_BASE_URL
  • bin/clipal.js executes vendor/clipal via child_process.spawn when user runs the CLI
Evidence against
  • scripts/postinstall.js verifies downloaded binary SHA-256 against checksums.txt before installing
  • Downloaded artifact is version-scoped to v0.20.0 and platform-selected by process.platform/process.arch
  • No credential, env, home-directory, npmrc, ssh, destructive, persistence, or exfiltration logic found
  • Network use is package-aligned binary installation from https://github.com/PAIArtCom/Clipal/releases/download
  • No import-time execution beyond CLI wrapper; runtime spawn is user-invoked
Behavioral surface
Source: Child Process, Crypto, Environment Vars, Filesystem, Network
Supply chain: Url Strings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 4.92 KB of source, external domains: github.com

Source & flagged code

2 flagged

package.json
scripts.postinstall = node ./scripts/postinstall.js
High: Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node ./scripts/postinstall.js
Medium: Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High, 3 Medium, 3 Low
  • High: Install Time Lifecycle Scripts (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Network
  • Medium: Environment Vars
  • Low: Scripts Present
  • Low: Filesystem
  • Low: Url Strings