AI Security Review
scanned 4h ago · by lpm-firewall-ai
The npm package is a bridge that automatically installs and launches a pinned Python Nastech Agent runtime. No concrete malicious behavior is present in the npm wrapper source, but install-time pip execution creates package-aligned lifecycle risk.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; later nastech or nastech-agent CLI execution launches Python code
Impact
Python package code and dependencies may be installed into the global or user Python environment during npm install
Mechanism
install-time pip install of pinned Python runtime and CLI delegation
Rationale
Source inspection shows a small npm wrapper whose postinstall installs the package-aligned nastech-agent==0.18.0 Python runtime via pip, with no evidence of credential theft, exfiltration, persistence, or foreign AI-agent control-surface mutation. The automatic cross-ecosystem runtime install is real lifecycle risk, but it is documented and pinned rather than concrete malware.
Evidence
- package.json
- scripts/postinstall.js
- lib/python-launcher.js
- bin/nastech.js
- bin/nastech-agent.js
- README.md
- SECURITY.md
Decision evidence
public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- package.json has postinstall: node scripts/postinstall.js
- scripts/postinstall.js runs python -m pip install --upgrade nastech-agent==0.18.0 at install time
- scripts/postinstall.js retries with --user if global pip install fails
- bin/nastech.js and bin/nastech-agent.js launch Python entrypoints from the installed nastech-agent package
Evidence against
- No curl/wget/fetch or hardcoded exfiltration endpoint in package source
- No credential, SSH key, npm token, or home-directory harvesting found
- No writes to Claude/Codex/Cursor/MCP control surfaces in npm package source
- Lifecycle installs a pinned package-aligned Python runtime documented in README.md and SECURITY.md
Behavioral surface
- ChildProcess
- EnvironmentVars
- Filesystem
Source & flagged code
2 flagged
package.json
• scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.json
• scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.json
Findings
1 High, 2 Medium, 2 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Environment Vars
- Low: Scripts Present
- Low: Filesystem