deployzy@1.1.0

CLI for Deployzy — open-source tunnel to expose localhost to the internet

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Install-time code fetches and installs a remote native binary. The inspected JS wrapper is package-aligned, but the downloaded executable is not present for static review and is not integrity-pinned.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; later user runs deployzy CLI
Impact
Unreviewed release binary gains execution when user invokes the CLI; install modifies package bin directory.
Mechanism
postinstall remote binary downloader and CLI exec wrapper
Attack narrative
On install, deployzy selects the current OS/architecture, downloads a release archive from github.com/jams24/deployzy, extracts or writes a native deployzy binary into the package bin directory, and chmods it executable. The npm bin wrapper later execs that binary with user arguments. The JS code does not show exfiltration or persistence, but the remote binary is outside the package and lacks an integrity check.
Rationale
This is not confirmed malware from the inspected package source, but install-time remote executable delivery without checksum leaves unresolved supply-chain risk. The behavior is package-aligned for a native tunneling CLI, so warn rather than block.
Evidence
package.json, bin/install.js, bin/cli.js, README.md, bin/deployzy, bin/deployzy.exe, os.tmpdir()/deployzy-*, os.tmpdir()/deployzy-*/deployzy.tar.gz
Network endpoints (2)
github.com/jams24/deployzy/releases/download/v1.1.0/deployzy_<platform>_<arch>.<ext>
github.com/jams24/deployzy/releases

Decision evidence

public snapshot
AI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json runs postinstall: node bin/install.js
  • bin/install.js downloads a platform executable from GitHub releases during install
  • bin/install.js writes the downloaded/extracted binary into bin/deployzy or bin/deployzy.exe without a checksum
  • bin/cli.js executes the installed binary with user-supplied CLI args
Evidence against
  • No credential, env, or filesystem harvesting found in JS sources
  • No AI-agent control-surface writes or persistence hooks found
  • Network endpoint is package-aligned GitHub releases for jams24/deployzy
  • CLI execution is user-invoked after install
Behavioral surface
Source: ChildProcess, Filesystem, Network
Supply chain: Url Strings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 4.97 KB of source, external domains: github.com

Source & flagged code

2 flagged
package.json
scripts.postinstall = node bin/install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node bin/install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High · 2 Medium · 3 Low
High: Install Time Lifecycle Scripts (package.json)
Medium: Ambiguous Install Lifecycle Script (package.json)
Medium: Network
Low: Scripts Present
Low: Filesystem
Low: Url Strings