registry  /  codewhale.history  /  2.11.14

codewhale.history@2.11.14

CodeWhale utility commands: session history, tool listing, file snapshot, interactive code quiz — global install

AI Security Review

scanned 3h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. Install-time code mutates the package's CodeWhale agent-extension surface globally and injects workspace instructions. No source evidence establishes network delivery, credential theft, or remote execution.

Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall
Impact
An installation automatically changes future CodeWhale session behavior for the user and target workspace.
Mechanism
copies first-party skills and writes CodeWhale instruction files
Rationale
This is not concrete malware, but automatic install-time mutation of an AI-agent extension and workspace instruction surface is a real lifecycle risk. Flag as warn rather than block because the mutation is package-aligned and no malicious execution chain is present.
Evidence
package.jsontools-install.js.codewhale/instructions.md_list_sessions.js_extract_office.js~/.codewhale/skills/*~/.codewhale/tools-readme.md~/.codewhale/CHANGELOG.md<INIT_CWD>/.codewhale/instructions.md

Decision evidence

public snapshot
AI called this Suspicious at 94.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` runs `codewhale-tools-install` on `postinstall`.
  • `tools-install.js` copies bundled skills into `~/.codewhale/skills`.
  • `tools-install.js` creates/appends `<INIT_CWD>/.codewhale/instructions.md` during install.
  • Bundled instructions register agent-triggered commands and skills.
Evidence against
  • No network client, endpoint, or exfiltration code found.
  • No shell, child-process, eval, VM, or dynamic loader use found.
  • `_list_sessions.js` only reads local CodeWhale session metadata.
  • `_extract_office.js` only reads a supplied Office archive and prints text.
Behavioral surface
Source
EnvironmentVarsFilesystem
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 3 file(s), 13.8 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = codewhale-tools-install
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = codewhale-tools-install
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowNo License