registry  /  octocode-ai  /  3.3.0

octocode-ai@3.3.0

OctoCode - AI-powered development tool

AI Security Review

scanned 2d ago · by lpm-firewall-ai

The package has an install hook that performs local native-binary setup, but it writes only inside the installed package directory. The main risk is suspicious/broken lifecycle behavior referencing undeclared @mimo-ai packages rather than confirmed malware.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; user running octo invokes bin/octo
Impact
Possible install failure or unexpected local binary selection if matching undeclared @mimo-ai package exists; no confirmed exfiltration or persistence
Mechanism
install-time native binary link/copy and runtime CLI shim spawn
Attack narrative
On install, postinstall.mjs detects platform/arch and tries to locate @mimo-ai/mimocode-${platform}-${arch}, then hardlinks or copies its binary into bin/.mimocode and chmods it. That target is not declared in package.json and is not used by bin/octo, which instead resolves octocode-ai platform packages and spawns the selected binary when the CLI is run. This is suspicious package-quality and lifecycle behavior, but source inspection did not find exfiltration, persistence, foreign agent-control writes, or install-time execution of the copied binary.
Rationale
Static inspection shows a suspicious, likely erroneous install hook that references undeclared @mimo-ai native packages, but no concrete malicious behavior or unconsented foreign control-surface mutation. Downgrade to warn for unresolved install-hook/native-binary risk rather than block.
Evidence
package.jsonpostinstall.mjsbin/octobin/.mimocode/proc/cpuinfo/etc/alpine-release
Network endpoints2
github.com/farhanic017/octocodegit+https://github.com/farhanic017/octocode.git

Decision evidence

public snapshot
AI called this Suspicious at 82.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node ./postinstall.mjs
  • postinstall.mjs attempts to resolve undeclared @mimo-ai/mimocode-${platform}-${arch} package
  • postinstall.mjs links/copies a native binary into bin/.mimocode during install
  • bin/octo honors MIMOCODE_BIN_PATH and spawnSyncs that path with user CLI args
Evidence against
  • No install-time network access found
  • No credential/env harvesting beyond MIMOCODE_BIN_PATH override
  • No writes to home/project AI-agent control surfaces found
  • bin/octo resolves package-aligned octocode-ai platform optional dependencies at user-invoked runtime
  • No destructive filesystem behavior found
Behavioral surface
Source
Filesystem
Supply chainNo supply-chain packaging signals triggered.
Manifest
CopyleftLicense
scanned 1 file(s), 2.53 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node ./postinstall.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node ./postinstall.mjs
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High1 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
LowScripts Present
LowFilesystem
LowCopyleft License