AI Security Review
scanned 8h ago · by lpm-firewall-ai
Install-time code fetches and installs a remote native executable. This is package-aligned but creates unresolved supply-chain risk because the fetched binary is not integrity-pinned by the package.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs postinstall
Impact
Installer replaces/creates bin/xei from GitHub release content; compromise of that release path could affect consumers at install time.
Mechanism
remote binary download and executable install
Attack narrative
On install, install.js selects an OS/CPU target, removes the existing package binary, downloads a gzipped executable from the package's GitHub releases, decompresses it into bin/xei, and chmods it executable. The behavior is aligned with distributing a Rust CLI editor, but it is install-time executable replacement from a remote URL without package-local integrity verification.
Rationale
Source inspection shows no concrete exfiltration, persistence, destructive action beyond editor commands, or foreign AI-agent mutation. The remaining risk is the unpinned lifecycle download of a native executable, so warn rather than block.
Evidence
package.json, install.js, README.md, bin/xei
Network endpoints (2)
- github.com/stremtec/xei/releases/download/v0.1.7/xei-${target}${EXE}.gz
- git+https://github.com/stremtec/xei.git
Decision evidence
public snapshot: AI called this Suspicious at 82.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for block
- package.json runs postinstall: node install.js
- install.js deletes bin/xei then downloads a platform binary during install
- install.js writes decompressed response to bin/xei and chmods it executable
- Downloaded executable has no checksum/signature verification in package code
Evidence against
- Network endpoint is package-aligned GitHub release for stremtec/xei v0.1.7
- No credential/env harvesting, shell execution, persistence, or AI-agent control-surface writes found
- README and binary strings are consistent with a terminal editor
- Packaged bin/xei is a native CLI binary expected for this Rust editor package
Behavioral surface
Filesystem, Network, Url Strings
Source & flagged code
3 flagged

package.json
- scripts.postinstall = node install.js
High: Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.

package.json
- scripts.postinstall = node install.js
Medium: Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.

bin/xei
- path = bin/xei
- kind = native_binary
- sizeBytes = 989520
- magicHex = [redacted]
Medium: Ships Native Binary
Findings
1 High, 3 Medium, 3 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Network
- Medium: Ships Native Binary (bin/xei)
- Low: Scripts Present
- Low: Filesystem
- Low: Url Strings