AI Security Review
scanned 2m ago · by lpm-firewall-aiInstallation fetches and installs an externally hosted native executable. The JavaScript shim itself establishes no credential, data-exfiltration, or AI-agent-control behavior.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall; later invocation of the hallouminate CLI.
Impact
A compromised or substituted GitHub release and its checksum could cause arbitrary native code to be installed and run.
Mechanism
Remote binary download, same-origin checksum check, tar extraction, and native-process launch.
Rationale
No concrete malicious behavior appears in the inspected package source, but its postinstall lifecycle installs an unpinned native payload whose integrity check is controlled by the same remote release channel. This is a real staged-payload supply-chain risk rather than evidence of malicious intent.
Evidence
package.jsoninstall.jsrun.jsREADME.mdbin/hallouminate
Network endpoints1
github.com/paulnsorensen/hallouminate/releases/download/v0.3.2/
Decision evidence
public snapshotAI called this Suspicious at 87.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json: postinstall runs install.js.
- install.js downloads a platform binary during installation.
- install.js verifies against a .sha256 fetched from the same release location.
- install.js extracts the downloaded archive into bin/ and marks its binary executable.
Evidence against
- All inspected source files are small and transparent.
- install.js uses a fixed package-aligned GitHub Releases URL and HTTPS-only redirects.
- No source reads credentials, harvests environment data, or writes AI-agent configuration.
- run.js only forwards CLI arguments and signals to bin/hallouminate.
Behavioral surface
ChildProcessCryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings