registry  /  @ai-sdk/provider-utils  /  5.0.2

@ai-sdk/provider-utils@5.0.2

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Network helpers execute only when their exported functions are called with caller-supplied URLs; download redirects are SSRF-validated.

Static reason
No blocking static signals were detected.
Trigger
Consumer explicitly calls exported HTTP or download helpers.
Impact
Normal provider API requests or guarded downloads; no autonomous exfiltration, persistence, or mutation.
Mechanism
Caller-directed fetch and configuration utility functions.
Rationale
Static source inspection shows a utility package whose network and environment access is explicit and caller-directed. No concrete malicious chain, install-time execution, credential exfiltration, persistence, destructive behavior, or AI-agent control-surface mutation was found.
Evidence
package.jsonsrc/index.tssrc/get-from-api.tssrc/post-to-api.tssrc/fetch-with-validated-redirects.tssrc/validate-download-url.tssrc/load-api-key.tssrc/load-setting.tssrc/download-blob.tssrc/load-optional-setting.tssrc/get-runtime-environment-user-agent.tsdist/index.js

Decision evidence

public snapshot
AI called this Clean at 97.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall, install, postinstall, or prepare hook.
    • src/index.ts only exports utilities; no import-time network, file, or process action was found.
    • src/get-from-api.ts and src/post-to-api.ts fetch only caller-supplied URLs and request bodies.
    • src/fetch-with-validated-redirects.ts validates every redirect hop to guard against private-address downloads.
    • src/load-api-key.ts and src/load-setting.ts only read a caller-selected environment variable and return or reject on its value.
    • No child-process, shell, eval/vm, dynamic loading, filesystem-write, or agent-config mutation was found in executable source.
    Behavioral surface
    Source
    EnvironmentVarsNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 133 file(s), 315 KB of source, external domains: json-schema.org

    Source & flagged code

    0 flagged
    No flagged code excerpts are attached to this scan.

    Findings

    2 Medium3 Low
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowHigh Entropy Strings
    LowUrl Strings