AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface. Network use is runtime, user-invoked, and aligned with an AI office/chat UI SDK using caller-provided endpoints.
Static reason
One or more suspicious static signals were detected.
Trigger
Application imports and renders the AI office UI or invokes chat, upload, bot fetch, or voice input features.
Impact
Expected runtime communication with integrator-configured services; no credential harvesting, persistence, destructive behavior, or install-time execution found.
Mechanism
React AI office SDK with chat transport, bot manifest fetch, attachment upload/download, and ASR WebSocket.
Rationale
Static source inspection shows a browser React SDK whose network primitives are package-aligned and depend on endpoints supplied by the host application. Scanner hits for fetch, process.env, data:image, and password strings map to build config, UI assets, form labels, or user-invoked runtime features rather than malware behavior.
Evidence
package.jsonsrc/index.tssrc/app/hooks/useChatTransport.tssrc/app/service/fetch-bots.tssrc/app/utils/attachments.tssrc/app/hooks/use-voice-input.tssrc/core/plugin-system/PluginManager.ts
Network endpoints5
${apiEndpoint}/common/connect${apiEndpoint}/agent/all-botsuploadEndpointdownloadFile(url)asrEndpoint
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no install/preinstall/postinstall lifecycle scripts.
- src/index.ts only exports app/plugin SDK APIs.
- src/app/hooks/useChatTransport.ts sends chat traffic to caller-provided api/common/connect.
- src/app/service/fetch-bots.ts fetches caller-provided apiEndpoint/agent/all-bots with caller-provided headers.
- src/app/hooks/use-voice-input.ts opens a WebSocket only to caller-provided ASR endpoint after user microphone permission.
- src/core/plugin-system/PluginManager.ts dynamic imports are constrained to Vite globbed built-in plugins.
Behavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkWebSocket
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcedist/index-BTCjqYfE.jsView file
2923patternName = generic_password
severity = medium
line = 2923
matchedText = password...4;",
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/index-BTCjqYfE.jsView on unpkg · L2923dist/sdk.jsView file
2920patternName = generic_password
severity = medium
line = 2920
matchedText = password...4;",
Medium
dist/ai-office.umd.cjsView file
5patternName = generic_password
severity = medium
line = 5
matchedText = url(data..."),`
Medium
Findings
5 Medium4 Low
MediumSecret Patterndist/index-BTCjqYfE.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/sdk.js
MediumSecret Patterndist/ai-office.umd.cjs
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings