Skip to content
← Blog

Technical explainer

Why npm install trusts everything — and what Veln does about it

Veln Team1 min read

When you run npm install some-package, the following happens in sequence: npm contacts the registry, downloads a tarball, extracts it to node_modules, and — if a postinstall script is defined in package.json — runs it. That last step executes arbitrary code from the internet with the full permissions of your user account.

This is not a bug. It's a design decision that dates to npm's origins and has never been reversed.

The lifecycle hook problem

npm supports lifecycle hooks: scripts that run before and after installation. A postinstall script can do anything a shell script can do: read files, make network connections, spawn processes, access environment variables. It runs with your permissions, in your environment, with access to everything you have access to.

Legitimate uses are common. node-gyp uses install to compile native extensions. But the same mechanism is also the primary vector for supply chain attacks on npm.

Why npm doesn't prevent this

npm's design philosophy has always prioritized developer autonomy over security constraints. There have been proposals to require explicit opt-in for lifecycle script execution (--ignore-scripts disables all lifecycle scripts, but it also breaks packages that legitimately need them). None have been adopted as default behavior.

The result: npm install trusts that every package in the registry is safe to execute code from.

What Veln adds

Veln doesn't replace npm's install mechanism. It sits in front of it and adds the verification layer that npm doesn't provide:

Before the download starts: Tier 1 checks the package against the threat feed and verifies the cooling period has elapsed.

During the download: The stream scanner checks the tarball for binary files embedded in source code, manifest changes, and real-time hash comparison against community observations.

After extraction: Deep analysis runs a diff against the previous approved version, Veln Lens scans for obfuscation patterns, and the canary sandbox executes lifecycle scripts in isolation.

Veln adds the verification layer that npm was never designed to include.

More in Technical explainer

Bring Veln to your team: open the Veln Console to create an organization and license, then install and activate the agent on the machines where you build.

Create a Console account