AI Security Review
scanned 2h ago · by lpm-firewall-aiInstalling the package fetches an unsigned platform binary and executes it during postinstall. Redirects are followed without host validation.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install
Impact
A compromised release asset or redirect target can execute arbitrary code with installer privileges.
Mechanism
remote archive download, extraction, and native binary execution
Rationale
The source shows a real supply-chain risk from unverified install-time native binary execution, but no source-grounded evidence of intent to steal data, hijack agents, or otherwise act maliciously. Flag as warn rather than block.
Evidence
package.jsonscript/postinstall.mjsbin/teleforge.teleforge.teleforge-version
Network endpoints1
github.com/TELEFORGEAI/TELEFORGEE/releases/download/v{version}/{packageName}.zip
Decision evidence
public snapshotAI called this Suspicious at 93.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `script/postinstall.mjs` at install time.
- `script/postinstall.mjs` downloads a versioned archive from GitHub and extracts it.
- Postinstall copies the downloaded executable to `.teleforge` and executes it for `--version`.
- No checksum, signature, or fixed redirect-host validation protects the downloaded executable.
- `bin/teleforge` can likewise download, extract, and execute a GitHub release binary.
Evidence against
- Network host is the package-aligned GitHub release repository `TELEFORGEAI/TELEFORGEE`.
- Reviewed JavaScript has no credential harvesting, secret exfiltration, AI-agent configuration writes, or broad persistence.
- Writes and cleanup target the package directory or temporary directory.
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node ./script/postinstall.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node ./script/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings