registry  /  saferemove  /  0.6.2

saferemove@0.6.2

AI-first safe rm replacement

AI Security Review

scanned 2h ago · by lpm-firewall-ai

On npm postinstall, the package fetches a platform-specific archive and installs its `saferm` executable. The archive is not integrity-verified, so release-host compromise or redirect abuse can replace the CLI binary.

Static reason
One or more suspicious static signals were detected.
Trigger
npm installation runs postinstall; later user invocation of `saferm` executes the fetched binary.
Impact
A substituted release archive can supply code executed as the installing user when the CLI is run.
Mechanism
unverified remote binary download and extraction
Rationale
The inspected source is a package-aligned binary installer and shows no direct theft, destructive action, or foreign control-surface mutation. However, its unverified lifecycle download installs an executable, leaving a material unresolved remote-payload risk.
Evidence
package.jsoninstall.jsbin/saferm_tmp_archive.tar.gz_tmp_extract
Network endpoints1
github.com/smm-h/saferm/releases/download/v${version}/saferm_${version}_${os}_${arch}.tar.gz

Decision evidence

public snapshot
AI called this Suspicious at 89.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `package.json` runs `node install.js` on `postinstall`.
  • `install.js` downloads a versioned GitHub release archive.
  • `install.js` extracts an executable into `bin/saferm` without checksum or signature verification.
  • Downloaded executable is later user-invocable through the `saferm` bin entry.
Evidence against
  • Only package-owned `bin/saferm` is modified.
  • No credential, environment, or arbitrary file harvesting appears in inspected sources.
  • No foreign AI-agent/control-surface writes, persistence, or data exfiltration found.
  • The install script does not execute the downloaded binary itself.
Behavioral surface
Source
ChildProcessFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 3.40 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings