AI Security Review
scanned 8h ago · by lpm-firewall-ai
No concrete malicious behavior was confirmed, but install-time remote executable replacement creates unresolved supply-chain risk. The runtime binary appears to be a Vim-like terminal editor with user-invoked file operations.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall; user runs xei CLI
Impact
A compromised release/download path could replace the executable installed as bin/xei; no source evidence of active malware was found.
Mechanism
install-time GitHub release binary download and chmod
Attack narrative
During npm postinstall, install.js selects an OS/CPU target, downloads a gzipped xei binary from the package's GitHub releases, decompresses it into bin/xei, and chmods it executable. This is package-aligned but lacks integrity verification, so it is a warning-level staged executable delivery risk rather than confirmed malware.
Rationale
Static inspection found an install-time native binary downloader with no hash verification, but the endpoint and behavior are aligned with the declared Rust terminal editor, and no exfiltration, persistence, AI-agent hijack, or destructive install behavior was found. Warn rather than block due to unresolved install-time binary supply-chain risk.
Evidence
- package.json
- install.js
- bin/xei
- README.md
Network endpoints (1)
github.com/stremtec/xei/releases/download/v0.2.8/xei-<target>.gz
Decision evidence
public snapshot: AI called this Suspicious at 78.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for block
- package.json runs postinstall: node install.js
- install.js downloads a gzip executable from github.com/stremtec/xei releases at install time
- install.js unlinks and rewrites bin/xei without an integrity/hash check
- Package ships native binary bin/xei
Evidence against
- install.js download URL is package-aligned with repository/version v0.2.8
- No credential/env harvesting or exfiltration found in install.js or binary strings
- No AI-agent control-surface writes found
- README and binary strings match a terminal editor with user-invoked save/delete/terminal features
Behavioral surface
- Filesystem
- Network
- Url Strings
Source & flagged code
3 flagged
package.json
- scripts.postinstall = node install.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.json
- scripts.postinstall = node install.js
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.json
bin/xei
- path = bin/xei
  kind = native_binary
  sizeBytes = 989520
  magicHex = [redacted]
Medium
Findings
1 High · 3 Medium · 3 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Network
- Medium: Ships Native Binary (bin/xei)
- Low: Scripts Present
- Low: Filesystem
- Low: Url Strings