AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. Runtime network behavior is package-aligned for an AI office UI and targets host application supplied endpoints.
Static reason
One or more suspicious static signals were detected.
Trigger
User imports/renders AIOffice UI and interacts with chat, attachment upload/download, bot listing, or voice input.
Impact
No source-backed exfiltration or unauthorized code execution identified.
Mechanism
React UI SDK with user-configured backend calls
Rationale
Static inspection shows a React AI-office UI package whose network activity is driven by consumer-provided endpoints and user actions. Suspicious scanner signals map to normal fetch/WebSocket usage and embedded image data, with no concrete attack behavior.
Evidence
package.jsonsrc/index.tssrc/app/components/ai-office/index.tsxsrc/app/hooks/useChatTransport.tssrc/app/service/fetch-bots.tssrc/lib/utils.tssrc/app/hooks/use-event-msg-submit.tssrc/app/hooks/use-voice-input.tsscripts/validate-build.jssrc/const/ui.ts
Decision evidence
public snapshotAI called this Clean at 88.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks; build scripts are developer-invoked only.
- Entrypoints export React/UI code: src/index.ts exports AIOffice components and package exports point to dist bundles.
- Network calls use caller-provided apiEndpoint/uploadEndpoint/url values for chat, bot listing, attachments, and ASR WebSocket.
- No child_process, eval/new Function, filesystem writes, credential harvesting, persistence, or destructive behavior found in src or build script.
- Scanner secret hit is embedded data:image PNG constants in src/const/ui.ts, not a credential.
Behavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkWebSocket
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcedist/index-CqY_kigV.jsView file
2923patternName = generic_password
severity = medium
line = 2923
matchedText = password...4;",
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/index-CqY_kigV.jsView on unpkg · L2923dist/sdk.jsView file
2920patternName = generic_password
severity = medium
line = 2920
matchedText = password...4;",
Medium
dist/ai-office.umd.cjsView file
5patternName = generic_password
severity = medium
line = 5
matchedText = url(data..."),`
Medium
Findings
5 Medium4 Low
MediumSecret Patterndist/index-CqY_kigV.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/sdk.js
MediumSecret Patterndist/ai-office.umd.cjs
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings