AI Security Review
scanned 5h ago · by lpm-firewall-aiNo confirmed malicious attack surface. Runtime features contact Spotify/YouTube/YouTube Music and write local media/cache/output files for a music collection tool when its server or scripts are explicitly run.
Static reason
One or more suspicious static signals were detected.
Trigger
Explicit user runtime commands such as npm run serve/start or app API calls
Impact
Expected local media/catalog generation; no install-time mutation or exfiltration identified
Mechanism
music metadata lookup, OAuth token refresh, media/artwork download, local cache/output writes
Rationale
Static inspection shows a domain-specific TypeScript music catalog/downloader with user-invoked network and filesystem behavior, and the suspicious .env secret hint is empty. There is no lifecycle hook, import-time payload, exfiltration, persistence, destructive behavior, or unauthorized AI-agent surface mutation.
Evidence
package.json.envsrc/config.tssrc/Spotify.service.tssrc/Youtube.service.tssrc/YoutubeMusic.service.tssrc/tables.tssrc/main.tssrc/app.tssrc/controller.tsSPOTIFY_GRANT_PATH from envfiles/* via @cascateer/database file tablesout/* when --out is passed
Network endpoints5
youtube.com/watchmusic.youtube.com/playlistwww.youtube.com/playlistopen.spotify.com/intl-de/album127.0.0.1:2700
Decision evidence
public snapshotAI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no preinstall/install/postinstall hooks and no bin/main auto-execution entrypoint; only ./api export.
- .env is present but zero bytes, so the scanner secret finding is false positive.
- src/tables.ts network/file writes are package-aligned: fetch artwork, download YouTube audio with ytdlp, write cache files under package-derived file tables.
- src/Spotify.service.ts reads/writes a configured Spotify grant path and opens Spotify OAuth via user-triggered runtime flow, not install/import time.
- No credential harvesting, broad filesystem scanning, exfiltration endpoint, persistence, or AI-agent control-surface writes found.
Behavioral surface
ChildProcessFilesystemNetworkShell
UrlStrings
NoLicense
Source & flagged code
1 flagged · loading source.envView file
•patternName = blocked_file
severity = critical
matchedText = .env
redactedSecretContext =
secretLikeLines = 0
notes = no secret-like key/value lines found in sampled text
Critical
Findings
1 Critical1 Medium4 Low
CriticalCritical Secret.env
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License