registry  /  rustcodegraph  /  1.2.0

rustcodegraph@1.2.0

Local-first code intelligence graph and CLI for AI agents

AI Security Review

scanned 15d ago · by lpm-firewall-ai

The package is a native-binary npm wrapper that downloads a platform artifact at install time. This is package-aligned but leaves an unverified remote executable outside the inspected source.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install/postinstall or invoking rustcodegraph CLI when binary is missing
Impact
Executes an unverified downloaded native binary if the user runs the CLI; no confirmed malicious behavior in package JS source.
Mechanism
install-time GitHub release binary download and extraction
Attack narrative
On install, postinstall calls install.js, which selects a platform artifact URL under the package's GitHub release path, downloads it with axios, writes it to a temp file, and extracts it into node_modules/.bin_real. The CLI wrapper later executes that binary with user-provided args. The inspected JS does not harvest secrets, exfiltrate data, or silently alter agent configs, but the remote binary payload is not present for static review and is not integrity-checked.
Rationale
Source inspection shows a conventional native-binary installer with a package-aligned GitHub endpoint, but it stages and later runs an unverified executable not included in the package. That unresolved remote payload risk warrants warning, not a malicious block.
Evidence
package.jsoninstall.jsbinary.jsbinary-install.jsrun-rustcodegraph.jsREADME.mdnode_modules/.bin_realOS temp archive file
Network endpoints1
github.com/hunzhiwange/rustcodegraph/releases/download/v1.2.0

Decision evidence

public snapshot
AI called this Suspicious at 78.0% confidence as Unknown with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node ./install.js.
  • install.js invokes binary.install(false) during npm install.
  • binary-install.js downloads a platform archive via axios and extracts it to node_modules/.bin_real.
  • binary-install.js uses spawnSync for tar/unzip/powershell extraction and later executes the installed binary.
  • No checksum/signature verification found for downloaded release artifact.
Evidence against
  • Download host is package-aligned GitHub release URL from package.json.
  • run-rustcodegraph.js only forwards CLI args to the installed rustcodegraph binary.
  • No source evidence of credential/env harvesting or exfiltration.
  • No source writes to AI-agent config during npm install; README describes agent setup as user-invoked rustcodegraph install.
  • No obfuscation, eval, persistence, or destructive project-file behavior found in JS wrapper.
Behavioral surface
Source
ChildProcessFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 9.90 KB of source, external domains: example.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node ./install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node ./install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings