AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is an explicit CLI that runs coverage, probes target modules, calls an AI coding/test agent, and writes tests or coverage artifacts as part of its advertised workflow.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Trigger
User runs `7n-test` or package APIs against a project directory.
Impact
May execute target project tests/modules and modify project test/COVERAGE files by design; no hidden install-time or import-time compromise found.
Mechanism
User-invoked AI-assisted test generation and coverage/mutation automation
Rationale
Source inspection shows dangerous primitives are explicit, package-aligned capabilities for a test-generation CLI, not hidden lifecycle/import-time malware. No credential collection, covert endpoint, persistence, destructive behavior, or unconsented AI-agent control-surface mutation was found.
Evidence
package.jsonbin/7n-test.jssrc/index.jssrc/run.mjssrc/gen-tests.mjssrc/fix-tests.mjssrc/coverage-fix.mjssrc/coverage/coverage.mjssrc/lib/pi-client.mjssrc/lib/runtime-probe.mjssrc/lib/vitest-shim.mjsCOVERAGE.mdtests/*.test.mjs
Decision evidence
public snapshotAI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
- src/lib/pi-client.mjs exposes pi SDK calls and callAgent with write/bash tools, but only through explicit CLI workflows.
- src/lib/runtime-probe.mjs spawns node and imports target modules to probe exports during test generation.
- src/gen-tests.mjs and src/fix-tests.mjs write generated/fixed test files under the user-supplied project directory.
- src/coverage-fix.mjs can spawn `pi` in agent mode for survived mutants when mutation fix is requested.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks.
- bin/7n-test.js only imports src/index.js and runs on explicit CLI invocation.
- src/index.js defers loading src/run.mjs until run(args) is called; no import-time side effects found.
- Network/LLM behavior is package-aligned for an AI test-generation CLI and uses configured pi SDK/model auth, not hidden exfil endpoints.
- Project file writes are limited to test/COVERAGE/temp lock outputs for the declared coverage/test automation workflow.
- No credential harvesting, persistence, destructive install behavior, or AI-agent control-surface writes found.
Behavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStrings
Source & flagged code
3 flagged · loading sourcesrc/lib/runtime-probe.mjsView file
93try {
L94: mod = await import(filePath)
L95: } catch (e) {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
src/lib/runtime-probe.mjsView on unpkg · L93107// safe eval of primitive literals
L108: try { input = new Function('return ' + inputLiteral)() } catch { continue }
L109: try {
Low
Eval
Package source references a known benign dynamic code generation pattern.
src/lib/runtime-probe.mjsView on unpkg · L107src/gen-tests.mjsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @7n/test@0.10.1
matchedIdentity = npm:QDduL3Rlc3Q:0.10.1
similarity = 0.960
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
src/gen-tests.mjsView on unpkgFindings
1 Critical3 Medium4 Low
CriticalPrevious Version Dangerous Deltasrc/gen-tests.mjs
MediumDynamic Requiresrc/lib/runtime-probe.mjs
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalsrc/lib/runtime-probe.mjs
LowFilesystem
LowHigh Entropy Strings