AI Security Review
scanned 7h ago · by lpm-firewall-ai
No confirmed malicious attack surface was found. The package is a Nuxt SPA layer with a standard Nuxt prepare postinstall and runtime API/WebSocket client behavior aligned with its documented backend.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install runs Nuxt prepare; app runtime connects when a consuming Nuxt app is used.
Impact
No install-time exfiltration, persistence, destructive behavior, or foreign AI-agent control-surface mutation identified.
Mechanism
Nuxt layer configuration plus user-driven frontend API calls
Rationale
The suspicious signals are explained by a Nuxt layer package: postinstall delegates to Nuxt prepare and network code targets the configured cat-factory backend at runtime. Source inspection did not find concrete malicious behavior, install/import-time harvesting, shell execution, payload loading, or unauthorized AI-agent configuration writes.
Evidence
- package.json
- nuxt.config.ts
- app/composables/useApi.ts
- app/composables/api/client.ts
- app/composables/useWorkspaceStream.ts
- app/stores/auth.ts
- app/stores/personalSubscriptions.ts
- app/stores/slack.ts
Network endpoints (1)
localhost:8787
Decision evidence
public snapshot
AI called this Clean at 92.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json defines postinstall: nuxt prepare.
- nuxt.config.ts sets runtime public apiBase default http://localhost:8787 and app uses REST/WebSocket backend calls.
- Client stores handle user-entered credentials and bearer tokens for backend API requests.
Evidence against
- package.json postinstall invokes Nuxt's prepare command only; no custom install script files are present.
- nuxt.config.ts is normal Nuxt layer configuration using node:path/node:url, with no file writes or agent config mutation.
- rg found no child_process, shell execution, eval/vm/Function, native binaries, or install-time payload code in package sources.
- app/composables/useApi.ts and api/client.ts send requests only to configured cat-factory backend via runtimeConfig apiBase.
- Credential/token flows in app/stores and components are user-invoked UI actions sent to the configured backend, not harvested at install/import time.
Behavioral surface
ChildProcess, Filesystem, Network, WebSocket, UrlStrings, NoLicense
Source & flagged code
2 flagged
package.json
• scripts.postinstall = nuxt prepare
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.json
• scripts.postinstall = nuxt prepare
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.json
Findings
1 High, 2 Medium, 4 Low
- High: Install Time Lifecycle Scripts (package.json)
- Medium: Ambiguous Install Lifecycle Script (package.json)
- Medium: Network
- Low: Scripts Present
- Low: Filesystem
- Low: Url Strings
- Low: No License