registry  /  verglos  /  0.1.0

verglos@0.1.0

Security scanner for every app you ship

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The main risk is install-time scanning of the installing project and local file writes, which is surprising but package-aligned. No confirmed malicious exfiltration or foreign control-surface mutation is present in inspected source.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs package postinstall; CLI commands run by user
Impact
May read project files through scanner dependencies and write local Verglos config/reports/cache; no confirmed attack behavior in package source.
Mechanism
install-time project scan plus local config/cache writes; optional license unlock request
Rationale
Postinstall project scanning and local writes justify a warning, but inspected source does not show malware, destructive behavior, hidden credential theft, remote payload execution, or AI-agent control hijack. The network behavior is first-party license activation and the git hook is explicit user-command setup.
Evidence
package.jsonscripts/postinstall.jsdist/scan.jsdist/config.jsdist/credentials.jsdist/index.jsdist/fix.js.verglos.config.js~/.verglos/credentials.json~/.verglos/last-score.json.git/hooks/pre-commit
Network endpoints1
verglos.com/api/license/unlock

Decision evidence

public snapshot
AI called this Suspicious at 83.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node scripts/postinstall.js
  • scripts/postinstall.js runs executeScan on INIT_CWD/process.cwd during npm install unless VERGLOS_SKIP_POSTINSTALL=1
  • dist/scan.js calls runScan on projectRoot and writeReports, then saves last score
  • dist/config.js writes .verglos.config.js if missing
  • dist/credentials.js can POST licenseKey, fingerprint, and machineId to https://verglos.com/api/license/unlock when prior credentials exist
  • dist/config.js installs .git/hooks/pre-commit only through explicit verglos hook command
Evidence against
  • Behavior is aligned with a security scanner CLI package
  • No child_process, eval, native binary loading, destructive file operations, or hidden persistence found in package source
  • Network endpoint is package-aligned and limited to license unlock flow
  • Pre-commit hook setup is user-invoked, not postinstall-triggered
  • Credential writes are under package-owned ~/.verglos files
  • No evidence of AI-agent control-surface mutation or prompt injection files
Behavioral surface
Source
CryptoDynamicRequireEnvironmentVarsFilesystemNetwork
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 6 file(s), 13.1 KB of source, external domains: verglos.com

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
dist/config.jsView file
3import { DEFAULT_CONFIG } from "@verglos/shared"; L4: const CONFIG_TEMPLATE = `/** @type {import('@verglos/shared').VerglosConfig} */ L5: module.exports = ${JSON.stringify(DEFAULT_CONFIG, null, 2)};
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/config.jsView on unpkg · L3

Findings

1 High4 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumDynamic Requiredist/config.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings