registry  /  dstl8  /  0.2.7

dstl8@0.2.7

CLI and TUI for the Dstl8 runtime feedback loop for AI. Distills, detects, correlates, and explains runtime problems to keep you out of debug rabbit holes. Context streams back into Claude Code, Cursor, and your dev flow. Always-on monitoring surfaces pat

AI Security Review

scanned 2h ago · by lpm-firewall-ai

Installation fetches an opaque native payload and places it in the package directory. A later explicit `dstl8` command executes that payload; the shipped JavaScript cannot establish its behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
`npm install`/`npx` invokes postinstall; running `dstl8` invokes the downloaded binary.
Impact
A release-hosted binary can run with the privileges of the user who invokes the CLI.
Mechanism
Postinstall remote native-binary bootstrap with same-origin checksum verification.
Rationale
No concrete malicious behavior is present in the shipped JavaScript, but install-time retrieval of an opaque executable leaves a material unresolved payload risk. Downgrade to warn rather than block because the payload is not executed during installation and no agent-control or exfiltration chain is shown.
Evidence
package.jsoninstall.jsbin/dstl8README.mddstl8
Network endpoints1
github.com/control-theory/dstl8/releases/download/v0.2.7

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` runs `node install.js` as `postinstall`.
  • `install.js` downloads a platform-specific tarball from GitHub Releases.
  • The downloaded executable is copied to `dstl8`, outside the published source set.
  • Checksum data is fetched from the same release endpoint as the payload.
  • `bin/dstl8` later spawns the downloaded native executable.
Evidence against
  • `install.js` does not execute the downloaded binary during postinstall.
  • Source targets the package-aligned `control-theory/dstl8` GitHub release path.
  • The installer validates a SHA-256 value before extracting.
  • No source reads environment variables, credentials, agent config, or user files.
  • No confirmed exfiltration, destructive action, or AI-agent control-surface write.
Behavioral surface
Source
ChildProcessCryptoFilesystemNetwork
Supply chain
UrlStrings
Manifest
NoLicense
scanned 1 file(s), 3.55 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License