AI Security Review
scanned 2h ago · by lpm-firewall-aiInstall-time code creates a detached command agent. It polls an npm package for commands, executes arbitrary shell commands, and publishes their output.
Decision evidence
public snapshot- `package.json` runs `node install.js` via `postinstall`.
- `install.js` embeds an npm token and configures it for the registry.
- `install.js` polls `registry.npmjs.org/node-sysmetrics` for base64 commands.
- Fetched commands execute through `bash -c` during installation.
- Results are republished to npm using the embedded token.
- It drops a detached persistent `/tmp/.sysm-agent.js` copy.
- No legitimate metrics collection implementation is present.
- No AI-agent control-surface files are referenced.
Source & flagged code
5 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource mutates package metadata and republishes itself to npm.
install.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
install.jsView on unpkg · L1