AI Security Review
scanned 2h ago · by lpm-firewall-aiAt runtime, server-provided plugin metadata can cause browser execution of fetched JavaScript. No install-time host mutation or local-system attack surface was confirmed.
Static reason
No blocking static signals were detected.
Trigger
Rendering or loading a declared plugin UI in the embedded application.
Impact
A compromised or untrusted same-origin plugin endpoint can execute code in the host page context.
Mechanism
Fetches and dynamically imports plugin UI JavaScript from a relative plugin endpoint.
Rationale
No concrete malicious install, exfiltration, persistence, or destructive chain was found. The unrestricted runtime plugin loader remains a material dangerous capability and warrants a warning.
Evidence
package.jsondist/index.jsdist/index-Dq_fPAkR.jsdist/index.d.ts
Network endpoints2
/_plugins/<pluginId>/ui/<uiEntryFile>?v=<version>/api
Decision evidence
public snapshotAI called this Suspicious at 89.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
- `dist/index-Dq_fPAkR.js` builds plugin URLs under `/_plugins/<id>/ui/<entry>?v=<version>`.
- `dist/index-Dq_fPAkR.js` fetches plugin source, wraps it in a Blob, then dynamically imports it.
- The fetched module runs in the embed page and receives a global plugin bridge exposing host UI hooks.
Evidence against
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- No Node filesystem, child-process, shell, or credential-harvesting primitive was found.
- Ordinary SDK API calls use configured `/api` endpoints with browser credentials.
Behavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsMinifiedTelemetryUrlStrings
Oversized source lightweight scan
dist/index-Dq_fPAkR.js12.2 MB file, sampled 256 KB
NetworkEnvironmentVarsHighEntropyStringsUrlStringstanstack.comwww.w3.org
Source & flagged code
2 flagged · loading sourcedist/livescript-CanGTf8u.jsView file
17return e.next(), "error";
L18: }, s = "(?![\\d\\s])[$\\w\\xAA-\\uFFDC](?:(?!\\s)[$\\w\\xAA-\\uFFDC]|-[A-Za-z])*", u = RegExp("(?:[({[=:]|[-~]>|\\b(?:e(?:lse|xport)|d(?:o|efault)|t(?:ry|hen)|finally|import(?:\\s*...
L19: token: "string",
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/livescript-CanGTf8u.jsView on unpkg · L17dist/index-Dq_fPAkR.jsView file
•path = dist/index-Dq_fPAkR.js
kind = oversized_source_file
sizeBytes = 12794385
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
dist/index-Dq_fPAkR.jsView on unpkgFindings
1 High4 Medium5 Low
HighOversized Source Filedist/index-Dq_fPAkR.js
MediumDynamic Requiredist/livescript-CanGTf8u.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings