AI Security Review
scanned 3d ago · by lpm-firewall-aiInstall-time code fetches a remote platform binary, verifies it only against a checksum retrieved from the same remote release, and installs it under this package. The CLI later executes that binary.
Static reason
One or more suspicious static signals were detected.
Trigger
`npm install keen-code@0.29.0`, followed by `keen` execution
Impact
A compromised or substituted release payload can run with the privileges of the user invoking `keen`.
Mechanism
install-time remote native payload download and CLI execution
Rationale
This is a transparent compatibility wrapper, but its postinstall path installs executable code fetched at install time with checksum material from the same remote trust boundary. That creates unresolved supply-chain execution risk without evidence of a concrete malicious objective.
Evidence
package.jsonpostinstall.jsbin/keen.jsREADME.mdbin/keen/keen_<version>_<platform>_<arch>.tar.gz|zip
Network endpoints1
github.com/mochow13/keen-code/releases/download/v0.29.0
Decision evidence
public snapshotAI called this Suspicious at 87.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `node postinstall.js` during npm install.
- `postinstall.js` downloads a platform-native archive from the GitHub release URL.
- The downloaded checksum is fetched from the same release location, not embedded or independently authenticated.
- `postinstall.js` extracts and chmods the downloaded `bin/keen` executable.
- `bin/keen.js` executes that downloaded binary with user-supplied CLI arguments.
Evidence against
- No source reads environment variables, credentials, home directories, or project files.
- No source sends local data to a network endpoint.
- No `eval`, dynamic module loading, shell interpolation of user arguments, or AI-agent config writes were found.
- Extraction is constrained to the package `bin` directory and temporary archive is removed.
Behavioral surface
ChildProcessCryptoFilesystemNetwork
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings