justcode-cli@0.2.2

JustCode - an interactive terminal coding assistant CLI

AI Security Review

scanned 21h ago · by lpm-firewall-ai

The package acquires a package-owned native CLI binary from GitHub Releases both at install time and on first run. This is a real supply-chain risk because the executable is not present in the tarball for inspection and is not checksum-pinned, but the source shows package-aligned behavior rather than a confirmed attack.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall or running the justcode bin
Impact
Runs the downloaded JustCode CLI binary under the user's invocation; no confirmed malicious source behavior in the npm package.
Mechanism
remote platform binary download then executable spawn
Attack narrative
On install, postinstall calls ensureBinary, which derives a GitHub Releases URL from package.json, downloads the current platform asset into dist-bin, chmods it, and renames it into place. The bin launcher repeats this download on first run if missing, then spawns the binary with inherited stdio. No source shows data theft, persistence, or foreign agent control-surface mutation.
Rationale
Static source inspection confirms a package-aligned remote binary installer/launcher with no checksum, which warrants warning because the executable payload is outside the npm tarball. The inspected source does not establish malicious behavior or an unconsented foreign AI-agent control hijack, so it should not be publish-blocked.
Evidence
  • package.json
  • scripts/postinstall.mjs
  • scripts/lib/download-binary.mjs
  • scripts/lib/platform.mjs
  • bin/justcode.mjs
  • README.md
  • dist-bin/justcode-darwin-arm64
  • dist-bin/justcode-darwin-x64
  • dist-bin/justcode-linux-arm64
  • dist-bin/justcode-linux-x64
  • dist-bin/justcode-windows-x64.exe
  • dist-bin/*.download
Network endpoints (1)
github.com/kingeke/justcode/releases/download/${tag}/${assetName()}

Decision evidence

public snapshot
AI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json postinstall runs scripts/postinstall.mjs.
  • scripts/postinstall.mjs downloads a platform binary during install unless JUSTCODE_SKIP_DOWNLOAD is set.
  • scripts/lib/download-binary.mjs fetches a GitHub release asset and chmods it executable without checksum verification.
  • bin/justcode.mjs lazily downloads the same binary and spawns it with user args.
  • package.json prepare runs git config core.hooksPath .githooks, but no .githooks files are present in the package.
Evidence against
  • Download URL is derived from package repository github.com/kingeke/justcode and version tag, package-aligned for a self-contained CLI.
  • Writes are confined to package dist-bin/<asset>.download and dist-bin/<asset>.
  • No source evidence of credential harvesting, exfiltration, destructive behavior, persistence daemon, or AI-agent control-surface writes.
  • No install-time shell execution beyond Node downloader and no obfuscated code in shipped files.
  • README documents the CLI as a coding assistant and warns it can modify files only at user direction.
Behavioral surface
Source
ChildProcess · EnvironmentVars · Filesystem · Network · Shell
Supply chain
UrlStrings
Manifest
No manifest risk signals triggered.
scanned 4 file(s), 5.78 KB of source, external domains: github.com

Source & flagged code

2 flagged
package.json
scripts.postinstall = node scripts/postinstall.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node scripts/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

Findings

1 High · 3 Medium · 4 Low
High · Install Time Lifecycle Scripts · package.json
Medium · Ambiguous Install Lifecycle Script · package.json
Medium · Network
Medium · Environment Vars
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Filesystem
Low · Url Strings