AI Security Review
scanned 2h ago · by lpm-firewall-aiThe npm postinstall fetches a platform-specific native release archive, extracts it into the package directory, and the CLI wrapper executes it later. The JavaScript source itself establishes no credential theft, AI-agent control-surface mutation, or destructive behavior.
Decision evidence
public snapshot- `package.json` runs `node ./install.js` at postinstall.
- `install.js` invokes the binary installer during dependency installation.
- `binary.js` constructs release-artifact URLs from package metadata.
- `binary-install.js` downloads, extracts, and later executes the fetched native binary.
- No checksum, signature, or artifact verification is present in the inspected installer source.
- The only hard-coded artifact origin is the package-aligned Vallum GitHub release URL.
- Network code is a conventional proxy-aware release downloader, not credential exfiltration.
- Environment access is limited to standard proxy variables.
- No source reads secrets, scans user files, modifies agent configuration, or uses eval/dynamic loading.
- AI-agent hook configuration described in `README.md` is explicitly user-invoked through the downloaded CLI, not npm postinstall code.
Source & flagged code
3 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgPackage text addresses the security reviewer or scanner and tries to influence the review outcome.
README.mdView on unpkg