@cat-factory/server@0.81.1

Runtime-neutral HTTP layer for the Agent Architecture Board: the Hono controllers, middleware (auth/authz/CORS/error), request helpers and the gateway seams shared by every deployment facade (Cloudflare Worker, Node service).

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The package is a runtime-neutral HTTP/server layer with authenticated controllers, GitHub integration, LLM proxying, and web-search upstreams activated by application routes, not install/import side effects.

Static reason
One or more suspicious static signals were detected.
Trigger
Application runtime routes and exported server helpers
Impact
No unconsented execution, credential harvesting, persistence, or foreign AI-agent control mutation identified
Mechanism
Package-aligned HTTP controllers and API proxy helpers
Rationale
Static inspection shows a server package whose network and credential-handling code is aligned with its documented backend/agent platform purpose and is runtime-invoked behind app routes. Scanner findings are explained by route helpers, crypto declarations, and expected API clients rather than malicious install-time or import-time behavior.
Evidence
package.json, dist/index.js, dist/crypto/encoding.js, dist/crypto/encoding.d.ts, dist/modules/tasks/TaskSourceController.js, dist/modules/webSearch/upstreams.js, dist/modules/llmProxy/LlmProxyController.js, dist/agents/ContainerAgentExecutor.js, dist/github/FetchGitHubClient.js, dist/github/GitHubAppAuth.js
Network endpoints (2)
api.search.brave.com/res/v1/web/search, github.com

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no npm lifecycle hooks and exports only ./dist/index.js
    • dist/crypto/encoding.js only decodes caller-supplied PEM/base64 data; no embedded secret in encoding.d.ts
    • dist/modules/tasks/TaskSourceController.js is Hono route code; scanner dynamic_require is a false positive on requireTasks helper
    • Network use is package-aligned: GitHub App/OAuth, Linear/Slack routes, LLM proxy, and web search proxy
    • dist/modules/webSearch/upstreams.js uses SSRF-safe fetch for account-configured SearXNG URLs
    • No install-time writes, agent control-surface mutation, shell execution, eval, or persistence found
    Behavioral surface
    Source
    ChildProcess, DynamicRequire, Filesystem, Network
    Supply chain
    HighEntropyStrings, UrlStrings
    Manifest
    NoLicense
    scanned 130 file(s), 838 KB of source, external domains: accounts.google.com, api.github.com, api.linear.app, api.search.brave.com, github.com, linear.app, oauth2.googleapis.com, www.googleapis.com

    Source & flagged code

    7 flagged
    dist/crypto/encoding.d.ts

    L7: patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
    Critical · Critical Secret
    Package contains a critical-looking secret pattern.
    dist/crypto/encoding.d.ts · L7

    L7: patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
    Critical · Secret Pattern
    RSA private key in dist/crypto/encoding.d.ts
    dist/crypto/encoding.d.ts · L7

    L8: patternName = private_key_rsa severity = critical line = 8 matchedText = * (`----... via
    Critical · Secret Pattern
    RSA private key in dist/crypto/encoding.d.ts
    dist/crypto/encoding.d.ts · L8

    dist/modules/tasks/TaskSourceController.js

    L188: return unavailable(c); L189: const task = await tasks.importService.import(param(c, 'workspaceId'), sourceParam(c), c.req.valid('json').ref); L190: return c.json(task, 201);
    Medium · Dynamic Require
    Package source references dynamic require/import behavior.
    dist/modules/tasks/TaskSourceController.js · L188

    dist/crypto/encoding.js

    L30: patternName = private_key_rsa severity = critical line = 30 matchedText = * (`----...CS#1
    Critical · Secret Pattern
    RSA private key in dist/crypto/encoding.js
    dist/crypto/encoding.js · L30

    L31: patternName = private_key_rsa severity = critical line = 31 matchedText = * (`----... via
    Critical · Secret Pattern
    RSA private key in dist/crypto/encoding.js
    dist/crypto/encoding.js · L31

    dist/github/GitHubAppAuth.d.ts

    L4: patternName = private_key_rsa severity = critical line = 4 matchedText = /** App .... */
    Critical · Secret Pattern
    RSA private key in dist/github/GitHubAppAuth.d.ts
    dist/github/GitHubAppAuth.d.ts · L4

    Findings

    6 Critical, 2 Medium, 5 Low
    Critical · Critical Secret · dist/crypto/encoding.d.ts
    Critical · Secret Pattern · dist/crypto/encoding.d.ts
    Critical · Secret Pattern · dist/crypto/encoding.d.ts
    Critical · Secret Pattern · dist/crypto/encoding.js
    Critical · Secret Pattern · dist/crypto/encoding.js
    Critical · Secret Pattern · dist/github/GitHubAppAuth.d.ts
    Medium · Dynamic Require · dist/modules/tasks/TaskSourceController.js
    Medium · Network
    Low · Scripts Present
    Low · Filesystem
    Low · High Entropy Strings
    Low · Url Strings
    Low · No License