
justcode-cli@0.1.7

JustCode - an interactive terminal coding assistant CLI

AI Security Review

scanned 21h ago · by lpm-firewall-ai

The package installs and launches an opaque platform binary downloaded from the project's GitHub Releases. This is a real install/runtime executable payload risk, but the inspected JavaScript wrapper is package-aligned and shows no concrete malicious behavior.

Static reason: One or more suspicious static signals were detected.
Trigger: npm postinstall or first justcode CLI run
Impact: executes downloaded native/Bun-compiled CLI binary with user arguments
Mechanism: download and spawn package release binary
Attack narrative
On install, postinstall downloads a platform-specific JustCode executable from the package repository's GitHub release and places it in dist-bin; if skipped, the bin launcher repeats the download on first run and spawns it. The reviewed source does not show exfiltration, persistence, or AI-agent control hijacking, but the fetched binary itself is opaque in this package.
Rationale
Source inspection confirms an install-time/lazy remote binary downloader, which warrants warning as a staged executable payload carrier, but the endpoint and behavior are package-aligned and no concrete malicious actions are present in the shipped source.
Evidence (files inspected)
  • package.json
  • scripts/postinstall.mjs
  • scripts/lib/download-binary.mjs
  • scripts/lib/platform.mjs
  • bin/justcode.mjs
  • README.md
  • dist-bin/justcode-<os>-<arch>
  • dist-bin/justcode-<os>-<arch>.download
Network endpoints (1)
  • github.com/kingeke/justcode/releases/download/v0.1.7/justcode-<os>-<arch>

Decision evidence

Public snapshot
AI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node scripts/postinstall.mjs.
  • scripts/postinstall.mjs calls ensureBinary unless the package is a source checkout or JUSTCODE_SKIP_DOWNLOAD is set.
  • scripts/lib/download-binary.mjs fetches a GitHub release executable and writes it under dist-bin with executable permissions.
  • bin/justcode.mjs lazily downloads the same binary on first run if missing, then spawns it with user args.
Evidence against
  • Download URL is package-aligned, derived from package.json repository github.com/kingeke/justcode and version tag.
  • No source evidence of credential harvesting, env/file enumeration for exfiltration, destructive behavior, persistence, or agent control-surface writes.
  • Lifecycle writes only inside the package directory dist-bin path, not home/project AI-agent configs or shell/VCS hooks for consumers.
  • The prepare script sets git hooksPath, but it appears developer/source-oriented, and no .githooks payload is present in the published files.
Behavioral surface
  • Source: Child Process, Environment Vars, Filesystem, Network, Shell
  • Supply chain: Url Strings
  • Manifest: No manifest risk signals triggered.
Scanned 4 file(s), 5.59 KB of source; external domains: github.com

Source & flagged code

2 flagged

package.json
  scripts.postinstall = node scripts/postinstall.mjs
High: Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

package.json
  scripts.postinstall = node scripts/postinstall.mjs
Medium: Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High, 3 Medium, 4 Low
  • High: Install Time Lifecycle Scripts (package.json)
  • Medium: Ambiguous Install Lifecycle Script (package.json)
  • Medium: Network
  • Medium: Environment Vars
  • Low: Non Install Lifecycle Scripts
  • Low: Scripts Present
  • Low: Filesystem
  • Low: Url Strings