AI Security Review
scanned 2h ago · by lpm-firewall-aiInstallation downloads an unverified platform binary from a GitHub release and stores it as `.teleforge` in the package root. The package CLI later executes that downloaded binary.
Static reason
One or more suspicious static signals were detected.
Trigger
npm postinstall; then explicit `teleforge` command
Impact
A compromised or substituted release asset can execute arbitrary code as the installing user when the CLI runs.
Mechanism
unverified remote binary staging and execution
Rationale
No concrete malicious behavior is present in the inspected source, but an install-time hook stages an unsigned remote executable that the CLI executes. This is a real unresolved supply-chain risk rather than a clean package.
Evidence
package.jsonscript/postinstall.mjsbin/teleforge.teleforge.teleforge-version
Network endpoints2
github.com/TELEFORGEAI/TELEFORGEE/releases/download/v${version}/${zipName}github.com/TELEFORGEAI/TELEFORGEE/releases/download/v1.0.54/${assetName}
Decision evidence
public snapshotAI called this Suspicious at 94.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `package.json` runs `script/postinstall.mjs` on installation.
- `script/postinstall.mjs` downloads a release ZIP and writes executable `.teleforge` without checksum/signature verification.
- `bin/teleforge` repeats remote archive download and executes the installed `.teleforge` when the user invokes `teleforge`.
- Both loaders extract downloaded archives with system tools before using the binary.
Evidence against
- Inspected JavaScript contains no credential harvesting, environment exfiltration, AI-agent config writes, persistence outside package files, or destructive actions.
- The only source-defined network destination is the package-aligned TELEFORGEAI GitHub releases repository.
- The postinstall script drops but does not execute the downloaded binary during installation.
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node ./script/postinstall.mjs
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node ./script/postinstall.mjs
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings