AI Security Review
scanned 1d ago · by lpm-firewall-aiNpm postinstall downloads a platform-specific release archive into `node_modules/.bin_real` and extracts it. Invoking `vallum` executes that downloaded binary. The wrapper has no embedded integrity verification, so remote release compromise can supply a replacement payload.
Decision evidence
public snapshot- `package.json` defines `postinstall`.
- `install.js` invokes the installer during npm install.
- `binary-install.js` downloads a platform archive and extracts it without a checksum/signature check.
- `binary-install.js` later executes the extracted `vallum` binary.
- Download URL is package-aligned: GitHub release path for `kahramanemir/Vallum`.
- No credential harvesting, exfiltration, eval, dynamic module loading, or agent-config writes appear in packaged JavaScript.
- The README's “ignore previous instructions” text describes threat detection, not reviewer manipulation.
- Postinstall installs an artifact but does not execute the downloaded binary.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage text addresses the security reviewer or scanner and tries to influence the review outcome.
README.mdView on unpkg