registry  /  terminalhire  /  0.12.0

terminalhire@0.12.0

Local-first job matching for developers — ambient job matches in the Claude Code spinner. Matching runs on your machine; your profile never leaves it.

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The package has dual-use primitives for local profile storage, network sync, and Claude Code UI settings, but inspected flows are user-invoked and consent-gated rather than silent lifecycle behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs terminalhire commands such as init, spinner --on, login, jobs, sync --push, or statusline installer.
Impact
May write local terminalhire state and Claude settings or send approved profile/job data only after explicit user actions.
Mechanism
Consent-gated CLI for local job matching and optional Claude Code spinner/statusLine integration.
Rationale
Static source inspection found suspicious capabilities, but they are package-aligned and gated by explicit CLI actions or typed consent. The lifecycle hook is print-only, so there is no concrete malicious install-time or import-time behavior to block.
Evidence
package.jsonpostinstall.jsinstall.jsstatusline-install.jsdist/bin/jpi-init.jsdist/bin/jpi-dispatch.jsdist/bin/jpi-statusline-launch.js~/.claude/settings.json~/.terminalhire/config.json~/.terminalhire/github-token.enc~/.terminalhire/profile.enc~/.terminalhire/statusline-launch.js~/.terminalhire/tier1.json
Network endpoints7
terminalhire.com/api/indexterminalhire.com/api/leadwww.terminalhire.com/api/profile-sync/beginwww.terminalhire.com/api/profile-syncgithub.com/login/device/codegithub.com/login/oauth/access_tokenapi.github.com/user

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • package.json defines postinstall, but postinstall.js only prints an interactive notice and exits 0.
  • install.js/statusline-install.js can modify ~/.claude/settings.json after typed "yes" consent and create backups.
  • dist/bin/jpi-statusline-launch.js dynamically imports ~/.terminalhire/engine-path and can shell-run a preserved foreign statusLine.
  • dist/bin/jpi-dispatch.js has network features for GitHub OAuth, terminalhire APIs, job indexes, and optional profile sync/lead submission.
Evidence against
  • No install-time execution beyond print-only postinstall.js; install.js is not invoked by postinstall.
  • Claude settings writes are user-invoked and consent-gated in install.js, statusline-install.js, and spinner --on.
  • Lead/profile sync POSTs show explicit user consent flows before sending local profile fields.
  • GitHub token is obtained via user-initiated device flow and stored encrypted under ~/.terminalhire.
  • Network endpoints align with package purpose: job matching, GitHub auth/profile, chat/intro, and profile sync.
  • No evidence of credential harvesting, hidden lifecycle payloads, destructive behavior, or unconsented AI-agent control mutation.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 41 file(s), 2.95 MB of source, external domains: 127.0.0.1, api.ashbyhq.com, api.github.com, api.lever.co, api.opire.dev, apply.workable.com, boards-api.greenhouse.io, github.com, himalayas.app, hn.algolia.com, jobs.ashbyhq.com, jobs.lever.co, news.ycombinator.com, terminalhire.com, weworkremotely.com, www.terminalhire.com

Source & flagged code

9 flagged · loading source
package.jsonView file
scripts.postinstall = node ./postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node ./postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
dist/bin/jpi-init.jsView file
matchType = previous_version_dangerous_delta matchedPackage = terminalhire@0.11.1 matchedIdentity = npm:dGVybWluYWxoaXJl:0.11.1 similarity = 0.974 summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version.

dist/bin/jpi-init.jsView on unpkg
7import { createInterface } from "readline"; L8: import { spawnSync, spawn } from "child_process"; L9: import { homedir } from "os";
High
Child Process

Package source references child process execution.

dist/bin/jpi-init.jsView on unpkg · L7
dist/bin/jpi-statusline-launch.jsView file
49if (!cmd) return ""; L50: const r = spawnSync(cmd, { shell: true, input, timeout: 4e3 }); L51: return firstLine(r.stdout);
High
Shell

Package source references shell execution.

dist/bin/jpi-statusline-launch.jsView on unpkg · L49
28const line = await Promise.race([ L29: import(pathToFileURL(engine).href).then( L30: (mod) => mod && typeof mod.render === "function" ? firstLine(mod.render()) : null
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/bin/jpi-statusline-launch.jsView on unpkg · L28
dist/bin/jpi-sync.jsView file
1035try { L1036: const child = spawn(cmd, args, { stdio: "ignore", detached: true }); L1037: child.on("error", () => { ... L1044: // bin/jpi-sync.js L1045: var TH_DIR = process.env["TERMINALHIRE_DIR"] || join3(homedir2(), ".terminalhire"); L1046: var TIER1_MARKER = join3(TH_DIR, "tier1.json"); L1047: var API_URL = process.env["TERMINALHIRE_API_URL"] || process.env["JPI_API_URL"] || "https://terminalhire.com"; L1048: var SYNC_BASE = "https://www.terminalhire.com";
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/bin/jpi-sync.jsView on unpkg · L1035
99{ id: "azure", synonyms: ["microsoft-azure"], related: [{ to: "aws", w: 0.4 }] }, L100: { id: "ci-cd", synonyms: ["cicd", "jenkins", "circleci", "circle-ci", "travis"], related: [{ to: "github-actions", w: 0.6 }, { to: "gitlab-ci", w: 0.6 }] }, L101: { id: "github-actions", parents: ["ci-cd"], synonyms: ["github-action"] }, ... L191: { id: "microservices" }, L192: { id: "websockets", synonyms: ["ws", "socket.io"], related: [{ to: "realtime", w: 0.6 }] }, L193: { id: "realtime", synonyms: ["real-time"] }, ... L744: "use strict"; L745: KDF_INFO = Buffer.from("terminalhire-chat-v1"); L746: } ... L983: init_src(); L984: TERMINALHIRE_DIR = join2(homedir(), ".terminalhire"); L985: PROFILE_FILE = join2(TERMINALHIRE_DIR, "profile.enc");
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/bin/jpi-sync.jsView on unpkg · L99
dist/bin/jpi-dispatch.jsView file
31Cross-file remote execution chain: dist/bin/jpi-dispatch.js spawns dist/bin/jpi-link.js; helper contains network access plus dynamic code execution. L31: function terminalhireDir() { L32: return join(homedir(), ".terminalhire"); L33: } ... L49: if (fromFile) return fromFile; L50: const env = process.env["TERMINALHIRE_WEB_SESSION"]; L51: return typeof env === "string" && env.length > 0 ? env : null; ... L90: const raw = readFileSync2(CONFIG_FILE, "utf8"); L91: const parsed = JSON.parse(raw); L92: return { ...DEFAULT_CONFIG, ...parsed }; ... L182: const candidates = [ L183: join3(__dirname, "..", "..", "package.json"), L184: join3(__dirname, "..", "package.json")
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/bin/jpi-dispatch.jsView on unpkg · L31

Findings

1 Critical6 High5 Medium6 Low
CriticalPrevious Version Dangerous Deltadist/bin/jpi-init.js
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processdist/bin/jpi-init.js
HighShelldist/bin/jpi-statusline-launch.js
HighSame File Env Network Executiondist/bin/jpi-sync.js
HighSandbox Evasion Gated Capabilitydist/bin/jpi-sync.js
HighCross File Remote Execution Contextdist/bin/jpi-dispatch.js
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Requiredist/bin/jpi-statusline-launch.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings