AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall-time script mutates user shell startup files and PATH state to expose the deveco CLI. The runtime CLI then executes an opaque packaged native ARM64 binary when explicitly invoked.
Decision evidence
public snapshot- package.json runs postinstall: node scripts/postinstall.js
- scripts/postinstall.js appends PATH export to existing shell rc files or creates $HOME/.zshrc
- scripts/postinstall.js creates a deveco symlink in the first writable PATH directory
- cli.js spawns packaged native binary bin/deveco with user arguments
- bin/deveco is a 142371008-byte ARM64 ELF executable
- No JS network endpoints or exfiltration logic found
- No credential/env harvesting beyond HOME, PATH, and NPM_CONFIG_PREFIX for install setup
- postinstall changes are package-aligned for making the deveco CLI available
- postinstall does not execute a remote payload
- README only contains package title
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource writes persistence or remote-access backdoor material.
scripts/postinstall.jsView on unpkg · L4A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
scripts/postinstall.jsView on unpkg · L4