AI Security Review
scanned 6d ago · by lpm-firewall-aiThe package is a JS wrapper that lifecycle-downloads and installs a native gurtcli binary. The reviewed source does not show malicious behavior, but the install-time executable payload is not present in the package source.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall, then user-invoked gurtcli CLI
Impact
Unverified downloaded executable runs when the user invokes gurtcli; no confirmed exfiltration or control-surface mutation in package source.
Mechanism
install-time remote native binary download and CLI spawn
Attack narrative
On install, install.js selects OS/architecture, downloads a tar.gz release asset from github.com/gru/gurtcli, extracts it into the package bin directory, and marks it executable. cli.js is only a launcher that spawns that binary with inherited stdio and forwarded arguments. No malicious source behavior was confirmed, but the executable payload is fetched during lifecycle rather than shipped for inspection.
Rationale
Source inspection found a package-aligned install-time binary downloader and launcher, not credential theft, persistence, destructive actions, or AI-agent hijacking. Because the executable payload is remotely fetched during postinstall and unavailable for static package inspection, warn rather than block.
Evidence
package.jsoninstall.jscli.jsbin/gurtclibin/gurtcli.exe
Network endpoints1
github.com/gru/gurtcli/releases/download/v0.2.0/gurtcli_0.2.0_<platform>_<arch>.tar.gz
Decision evidence
public snapshotAI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json runs postinstall: node install.js
- install.js downloads a platform archive from GitHub Releases at install time
- install.js extracts the archive with tar and chmods a dropped executable
- cli.js later spawns the dropped bin/gurtcli with user arguments
Evidence against
- No credential, env, home-directory, or project-file harvesting found
- No AI-agent control-surface writes found
- Network URL is package-aligned to github.com/gru/gurtcli releases
- No obfuscation, eval, dynamic require, persistence, or destructive behavior in JS wrapper
Behavioral surface
ChildProcessFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings