AI Security Review
scanned 3h ago · by lpm-firewall-aiThe package has an install-time remote binary installer. This creates supply-chain risk because npm install downloads and executes a GitHub release binary, but source inspection did not show credential theft, persistence, destructive behavior, or unconsented mutation outside its own bin path.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs the postinstall lifecycle script
Impact
Remote release compromise or maintainer-controlled latest release could execute code at install time; no confirmed malicious payload in package source.
Mechanism
platform-specific GitHub release binary download and verification execution
Rationale
Source inspection supports a warning for install-time remote binary download/execution, not a malicious block. The observed behavior is documented and limited to installing the package-owned CLI binary from the declared GitHub project.
Evidence
package.jsoninstall.mjsbin/mycelREADME.md
Network endpoints2
api.github.com/repos/rpuneet/mycel/releases/latestgithub.com/rpuneet/mycel/releases/download/v{version}/mycel_{version}_{os}_{arch}.tar.gz
Decision evidence
public snapshotAI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- package.json defines postinstall: node install.mjs
- install.mjs fetches latest release metadata from api.github.com
- install.mjs downloads a platform tar.gz from github.com/rpuneet/mycel/releases
- install.mjs writes downloaded contents to bin/mycel, chmods it executable, then runs bin/mycel version
Evidence against
- Only packaged files are package.json, install.mjs, bin/mycel, README.md, LICENSE
- Network use is package-aligned with documented GitHub release binary installation
- No credential, environment, home-directory, SSH, npm token, or project file harvesting found
- No shell execution; execFileSync invokes the package binary with fixed argv
- No AI-agent config/control-surface writes found in package source
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node install.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node install.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings