AI Security Review
scanned 1d ago · by lpm-firewall-ai
The package has an install-time binary downloader and runtime launcher for a package-aligned CLI. The unresolved risk is executable code fetched from GitHub Releases without source-visible integrity verification, but no concrete malicious behavior is present in the shipped source.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install (postinstall script) or first justcode CLI run
Impact
Executes a platform-specific JustCode binary from the package owner's GitHub release; source package does not show exfiltration or persistence.
Mechanism
download and execute package release binary
Attack narrative
On install, postinstall calls ensureBinary, which derives a GitHub Releases URL from package.json and downloads the current platform executable into dist-bin, marks it executable, and renames it into place. The bin launcher repeats this download if needed, then spawns the binary with inherited stdio. This is a risky binary-distribution pattern but is package-aligned and no malicious source behavior was found.
Rationale
Static inspection shows a package-aligned CLI binary downloader/launcher with no credential harvesting, persistence, destructive actions, or agent control-surface mutation. Because executable code is fetched at install/runtime without integrity verification, downgrade to warn rather than mark fully clean.
Evidence
- package.json
- scripts/postinstall.mjs
- scripts/lib/download-binary.mjs
- scripts/lib/platform.mjs
- bin/justcode.mjs
- dist-bin/justcode-<os>-<arch>[.exe]
- dist-bin/justcode-<os>-<arch>[.exe].download
Network endpoints (1)
- github.com/kingeke/justcode/releases/download/v0.1.4/<assetName>
Decision evidence
Public snapshot: AI called this Suspicious at 78.0% confidence, category Dangerous Capability, with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node scripts/postinstall.mjs.
- scripts/postinstall.mjs downloads a platform binary during install unless source checkout or JUSTCODE_SKIP_DOWNLOAD is set.
- bin/justcode.mjs lazily downloads the same binary on first CLI run and spawns it.
- scripts/lib/download-binary.mjs fetches executable release asset and chmods it 0755 without an integrity check.
Evidence against
- Download host is derived from package.json repository and points to the package's GitHub Releases.
- Files are written under the package directory at dist-bin/<assetName>, not user/home agent control surfaces.
- No code found harvesting credentials, reading arbitrary files, persistence, shell startup/VCS hook writes, or AI-agent config mutation.
- Lifecycle failure is non-fatal and skip is supported via JUSTCODE_SKIP_DOWNLOAD.
Behavioral surface
- Child Process
- Environment Vars
- Filesystem
- Network
- Shell
- Url Strings
Source & flagged code
2 flagged
package.json: scripts.postinstall = node scripts/postinstall.mjs
High · Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
Medium · Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
Findings
1 High · 3 Medium · 3 Low
- High · Install Time Lifecycle Scripts · package.json
- Medium · Ambiguous Install Lifecycle Script · package.json
- Medium · Network
- Medium · Environment Vars
- Low · Scripts Present
- Low · Filesystem
- Low · Url Strings