
pire-browser@0.2.20

Cross-platform Pi extension and Firefox bridge for local browser automation

AI Security Review

scanned 2h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. The main risk is install-time setup of a first-party Pi/browser automation extension and native messaging bridge. No confirmed malicious exfiltration, persistence beyond product setup, or remote payload execution was found.

Static reason: One or more suspicious static signals were detected; the previous stored version diff introduced dangerous source.
Trigger: npm install postinstall or explicit pire-browser commands
Impact: Registers or repairs package-owned Pi/browser automation integration; explicit commands can remove legacy pire-browser registrations.
Mechanism: first-party Pi extension/native browser bridge setup
Rationale: Source inspection shows a browser automation package that performs first-party setup during postinstall and has explicit Pi repair/update commands, but I did not find unconsented mutation of a foreign/broad AI-agent control surface or data exfiltration. The lifecycle behavior is risky enough to warn under the agent extension lifecycle policy, not to block as malicious.
Evidence:
  • package.json
  • scripts/pi-postinstall.mjs
  • bin/pire-browser.js
  • scripts/pi-install-migration.mjs
  • extension/dist/background.js
  • extension/dist/content.js
  • pi/extensions/pire-browser-runner.ts
  • ~/.pi/agent/settings.json
  • .pi/settings.json
  • Pi extensions/pire-browser.ts legacy shim
Network endpoints (2):
  • github.com/ryenwang/pire-browser
  • npm registry via npm view pire-browser version

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json runs postinstall: node scripts/pi-postinstall.mjs.
  • scripts/pi-postinstall.mjs spawns bin/pire-browser.js setup during npm install.
  • bin/pire-browser.js can mutate Pi settings under ~/.pi/agent/settings.json or project .pi/settings.json via explicit pi repair.
  • scripts/pi-install-migration.mjs removes legacy pire-browser Pi registrations and extension shims only when npm:pire-browser is present.
Evidence against
  • No obfuscated code or hidden remote payload loader found in inspected entrypoints.
  • Network references are package-aligned: npm registry update checks and GitHub repo metadata/legacy source matching.
  • child_process use launches the package native binary, npm update commands, or the Pi migration helper, not arbitrary downloaded code.
  • Extension eval/fetch/proxy/auth features are user-invoked browser automation capabilities with redaction logic, not install-time exfiltration.
  • Postinstall failures are nonfatal and PIRE_BROWSER_SKIP_POSTINSTALL disables setup.
Behavioral surface
  Source: ChildProcess, EnvironmentVars, Eval, Filesystem, Network, Shell
  Supply chain: HighEntropyStrings, UrlStrings
  Manifest: No manifest risk signals triggered.
scanned 11 file(s), 573 KB of source, external domains: example.com, github.com

Source & flagged code

5 flagged

package.json
  Matched: scripts.postinstall = node scripts/pi-postinstall.mjs
  Severity: High
  Rule: Install Time Lifecycle Scripts
  Package defines install-time lifecycle scripts.

extension/dist/background.js (line 21)
  Matched: patternName = generic_password; severity = medium; line = 21; matchedText = password...rd',
  Severity: Medium
  Rule: Secret Pattern
  Package contains a possible secret pattern.

bin/pire-browser.js
  Matched: matchType = previous_version_dangerous_delta; matchedPackage = pire-browser@0.2.19; matchedIdentity = npm:cGlyZS1icm93c2Vy:0.2.19; similarity = 0.800; summary = stored previous version shares package body but lacks this dangerous source file
  Severity: Critical
  Rule: Previous Version Dangerous Delta
  This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

bin/pire-browser.js (line 1)
  Matched:
    L1: #!/usr/bin/env node
    L2: import { spawn, spawnSync } from "node:child_process";
    L3: import {
  Severity: High
  Rule: Child Process
  Package source references child process execution.

scripts/pi-postinstall.mjs (line 2)
  Matched: Cross-file remote execution chain: scripts/pi-postinstall.mjs spawns extension/dist/background.js; helper contains network access plus dynamic code execution.
    L2: import { dirname, join } from "node:path";
    L3: import { spawnSync } from "node:child_process";
    L4: import { fileURLToPath } from "node:url";
    ...
    L8:
    L9: if (process.env.PIRE_BROWSER_SKIP_POSTINSTALL === "1") {
    L10: process.exit(0);
  Severity: High
  Rule: Cross File Remote Execution Context
  Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

Findings

1 Critical, 4 High, 4 Medium, 5 Low

  • Critical: Previous Version Dangerous Delta (bin/pire-browser.js)
  • High: Install Time Lifecycle Scripts (package.json)
  • High: Child Process (bin/pire-browser.js)
  • High: Shell
  • High: Cross File Remote Execution Context (scripts/pi-postinstall.mjs)
  • Medium: Secret Pattern (extension/dist/background.js)
  • Medium: Network
  • Medium: Environment Vars
  • Medium: Structural Risk Force Deep Review
  • Low: Scripts Present
  • Low: Eval
  • Low: Filesystem
  • Low: High Entropy Strings
  • Low: Url Strings