AI Security Review
scanned 2h ago · by lpm-firewall-aiInstallation fetches a platform-specific executable archive and executes the resulting binary to check its version. The launcher repeats this download-and-run fallback when invoked.
Static reason
One or more suspicious static signals were detected.
Trigger
`npm install` activates postinstall; running `teleforge` activates the launcher fallback.
Impact
A compromised or substituted release asset can execute code during installation or CLI use.
Mechanism
unsigned remote binary download, extraction, and execution
Rationale
The package is an unsigned remote-binary bootstrapper with install-time execution. Source supports a warning for dangerous supply-chain capability, not a malicious-intent block.
Evidence
package.jsonscript/postinstall.mjsbin/teleforge.teleforge.teleforge-version
Network endpoints1
github.com
Decision evidence
public snapshotAI called this Suspicious at 93.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `script/postinstall.mjs` on install.
- `script/postinstall.mjs` downloads a platform archive from GitHub Releases.
- Postinstall extracts and executes the downloaded binary for `--version` without a checksum/signature.
- `bin/teleforge` can likewise download, extract, and run a release binary.
Evidence against
- Network destination is a package-aligned GitHub release repository.
- Writes are limited to package-local `.teleforge` and `.teleforge-version` plus a temporary directory.
- No source reads credentials, scans user files, exfiltrates data, or changes AI-agent configuration.
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node ./script/postinstall.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node ./script/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings