registry  /  tachograph  /  0.2.7

tachograph@0.2.7

A compact instrument cluster for your coding agents (Claude Code / Codex). Shows model, rate-limit usage, and context at a glance.

AI Security Review

scanned 6d ago · by lpm-firewall-ai

The package has a native-binary postinstall downloader, but the behavior is disclosed, package-aligned, and checksum-checked. No confirmed malicious attack surface was found in the npm wrapper source.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
npm install runs postinstall; user runs tacho CLI
Impact
Installs tachograph's platform binary into the package bin directory
Mechanism
download verified release binary and execute it on CLI invocation
Rationale
Static inspection shows a conventional package-owned binary installer and CLI launcher, with network/download and child_process use limited to fetching, extracting, and launching tachograph artifacts. The AI-agent setup mentioned in README is an explicit user command, not an install-time control-surface mutation in the inspected npm source.
Evidence
package.jsoninstall.jsasset.jsbin/tacho.jsREADME.mdbin/tachobin/tacho.exeos.tmpdir()/tacho-*
Network endpoints6
github.com/kosako/tachograph/releases/download/v0.2.7/tachograph_darwin_amd64.tar.gzgithub.com/kosako/tachograph/releases/download/v0.2.7/tachograph_darwin_arm64.tar.gzgithub.com/kosako/tachograph/releases/download/v0.2.7/tachograph_linux_amd64.tar.gzgithub.com/kosako/tachograph/releases/download/v0.2.7/tachograph_linux_arm64.tar.gzgithub.com/kosako/tachograph/releases/download/v0.2.7/tachograph_windows_amd64.zipgithub.com/kosako/tachograph/releases/download/v0.2.7/checksums.txt

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json runs postinstall: node install.js
  • install.js downloads a platform archive and checksums.txt from GitHub releases
  • install.js extracts archive with system tar and copies tacho/tacho.exe into bin/
Evidence against
  • asset.js URLs are package-owned GitHub release paths for kosako/tachograph
  • install.js verifies SHA-256 against release checksums before copying binary
  • bin/tacho.js only launches the installed local binary with user CLI args
  • No credential harvesting, exfiltration, persistence, destructive code, or install-time AI agent config mutation found
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 6.93 KB of source, external domains: github.com

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
install.jsView file
matchType = previous_version_dangerous_delta matchedPackage = tachograph@0.2.5 matchedIdentity = npm:dGFjaG9ncmFwaA:0.2.5 similarity = 0.667 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

install.jsView on unpkg

Findings

2 High3 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
HighPrevious Version Dangerous Deltainstall.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings