
deployzy@1.1.2

CLI for Deployzy — open-source tunnel to expose localhost to the internet

AI Security Review

scanned 4d ago · by lpm-firewall-ai

The install-time script stages a platform-native executable from GitHub release assets, and the CLI wrapper then executes it. This is a real supply-chain risk because the executable is fetched at install time and is not pinned by checksum, but the inspected source does not confirm malicious behavior.

Static reason
One or more suspicious static signals were detected; the diff against the previously stored version introduced dangerous source.
Trigger
npm install deployzy@1.1.2; later running deployzy CLI
Impact
Unverified downloaded binary can execute on user systems; no confirmed credential theft, persistence, or destructive behavior in package source.
Mechanism
postinstall remote native binary download and exec wrapper
Attack narrative
On install, bin/install.js detects OS/arch, downloads deployzy_<platform>_<arch> from GitHub releases for v1.1.2, extracts it, copies it into the package bin directory, and marks it executable. The CLI entrypoint later runs that native binary. The source does not show exfiltration or persistence, but the install-time executable staging lacks checksum verification.
Rationale
Static source inspection confirms an install-time, unverified native-binary downloader that pulls from a package-aligned GitHub repository; that is an unresolved risk rather than concrete malware. Marked warn/suspicious rather than block because no malicious behavior is present in the inspected npm source.
Evidence
  • package.json
  • bin/install.js
  • bin/cli.js
  • README.md
  • bin/deployzy
  • bin/deployzy.exe
  • os tmpdir deployzy-*
Network endpoints (2)
  • github.com/jams24/deployzy/releases/download/v1.1.2/deployzy_<platform>_<arch>.<ext>
  • github.com/jams24/deployzy/releases

Decision evidence

public snapshot
AI called this Suspicious at 72.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json has postinstall: node bin/install.js.
  • bin/install.js downloads release archive from github.com/jams24/deployzy during install.
  • bin/install.js writes/extracts archive to temp, copies deployzy binary into bin, chmods it executable.
  • bin/install.js may execute existing bin/deployzy version during install-time validation.
  • bin/cli.js execFileSync runs the installed native binary with user CLI args.
Evidence against
  • Only package files are package.json, README.md, bin/cli.js, and bin/install.js; no hidden source files or bundled payloads found.
  • Download URL is derived from package version and package-aligned repo jams24/deployzy.
  • No source evidence of credential/env harvesting, persistence, destructive actions, AI-agent control writes, or unrelated exfiltration.
  • README describes deployzy as a localhost tunnel CLI, matching the native-binary wrapper behavior.
Behavioral surface
Source: ChildProcess, Filesystem, Network
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 2 file(s), 6.60 KB of source, external domains: github.com

Source & flagged code

3 flagged

package.json
scripts.postinstall = node bin/install.js
High · Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node bin/install.js
Medium · Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.

bin/install.js
matchType = previous_version_dangerous_delta
matchedPackage = deployzy@1.1.0
matchedIdentity = npm:ZGVwbG95enk:1.1.0
similarity = 0.500
summary = stored previous version shares package body but lacks this dangerous source file
Critical · Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.

Findings

1 Critical · 1 High · 3 Medium · 4 Low
  • Critical: Previous Version Dangerous Delta (bin/install.js)
  • High: Install Time Lifecycle Scripts (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Network
  • Medium: Structural Risk Force Deep Review
  • Low: Scripts Present
  • Low: Filesystem
  • Low: High Entropy Strings
  • Low: Url Strings