registry  /  tachograph  /  0.2.4

tachograph@0.2.4

A compact instrument cluster for your coding agents (Claude Code / Codex). Shows model, rate-limit usage, and context at a glance.

AI Security Review

scanned 8d ago · by lpm-firewall-ai

No confirmed malicious attack surface in inspected source. The main risk is package-aligned install-time binary download from GitHub releases, with checksum verification from the same release.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall; tacho CLI runs the installed binary
Impact
Installs and executes a project-aligned native tachograph CLI, with residual supply-chain risk from remote release assets but no source-level malicious behavior observed.
Mechanism
postinstall fetches, verifies, extracts, and chmods a platform binary; CLI wrapper spawns it
Rationale
The suspicious lifecycle and child_process findings are explained by a disclosed prebuilt CLI installer and launcher, and the JS source does not collect secrets, modify AI-agent control surfaces at install time, or exfiltrate data. Because the downloaded native binary is not present for inspection, this retains ordinary supply-chain risk but not enough for warn/block on source facts.
Evidence
package.jsoninstall.jsasset.jsbin/tacho.jsREADME.mdbin/tachobin/tacho.exe/tmp/tacho-* archive
Network endpoints2
github.com/kosako/tachograph/releases/download/v0.2.4/tachograph_<platform>_<arch>.<ext>github.com/kosako/tachograph/releases/download/v0.2.4/checksums.txt

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json runs postinstall: node install.js
  • install.js downloads a platform archive during install and extracts it with tar
  • bin/tacho.js spawns the installed native tacho/tacho.exe binary
Evidence against
  • install.js downloads only GitHub release assets under kosako/tachograph for this package version
  • install.js verifies the archive SHA256 against the release checksums.txt before extraction
  • No env/credential harvesting, persistence, destructive project writes, or exfiltration code found in JS sources
  • README.md discloses the postinstall prebuilt-binary download behavior
  • CLI execution is user-invoked via bin/tacho.js and only forwards arguments/stdio
Behavioral surface
Source
ChildProcessCryptoFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 5.43 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings