registry  /  @cat-factory/server  /  0.107.7

@cat-factory/server@0.107.7

Runtime-neutral HTTP layer for the Agent Architecture Board: the Hono controllers, middleware (auth/authz/CORS/error), request helpers and the gateway seams shared by every deployment facade (Cloudflare Worker, Node service).

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package exports runtime HTTP controllers and integration clients; their network operations activate through authenticated application routes or configured providers, not at installation or import.

Static reason
One or more suspicious static signals were detected.
Trigger
Authenticated runtime controller requests and configured OAuth, GitHub, LLM, or web-search integrations.
Impact
Expected application integration behavior; no unconsented persistence, exfiltration, or code execution chain established.
Mechanism
Application-scoped HTTP/OAuth/API proxying with credential handling.
Rationale
Static hints are explained by normal server functionality: a controller-local accessor was mislabeled as dynamic require, and crypto declarations were mislabeled as a secret. Direct inspection found no install-time behavior or concrete malicious chain.
Evidence
package.jsondist/modules/docInterview/DocInterviewController.jsdist/crypto/encoding.jsdist/modules/llmProxy/LlmProxyController.jsdist/modules/webSearch/upstreams.jsdist/config/url-safety.jsdist/index.jsdist/modules/tasks/TaskSourceController.jsdist/github/FetchGitHubClient.jsdist/app.jsdist/agents/prompts.js
Network endpoints7
api.search.brave.com/res/v1/web/searchapi.github.comaccounts.google.comwww.googleapis.comoauth2.googleapis.com/tokenlinear.appapi.linear.app/oauth/token

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall hooks.
    • dist/modules/docInterview/DocInterviewController.js uses a local function named require, not module loading.
    • dist/crypto/encoding.js only implements encoding, PEM decoding, and comparison.
    • No child_process, filesystem-write, eval/vm, native payload, or AI-agent config mutation found.
    • Network use is authenticated runtime HTTP/OAuth, GitHub, LLM, and web-search integration behavior.
    • dist/modules/webSearch/upstreams.js applies redirect and SSRF checks for account-configured upstreams.
    Behavioral surface
    Source
    ChildProcessDynamicRequireFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    Manifest
    NoLicense
    scanned 140 file(s), 930 KB of source, external domains: accounts.google.com, api.github.com, api.linear.app, api.search.brave.com, github.com, linear.app, oauth2.googleapis.com, www.googleapis.com

    Source & flagged code

    7 flagged · loading source
    dist/crypto/encoding.d.tsView file
    7patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
    Critical
    Critical Secret

    Package contains a critical-looking secret pattern.

    dist/crypto/encoding.d.tsView on unpkg · L7
    7patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
    Critical
    Secret Pattern

    RSA private key in dist/crypto/encoding.d.ts

    dist/crypto/encoding.d.tsView on unpkg · L7
    8patternName = private_key_rsa severity = critical line = 8 matchedText = * (`----... via
    Critical
    Secret Pattern

    RSA private key in dist/crypto/encoding.d.ts

    dist/crypto/encoding.d.tsView on unpkg · L8
    dist/modules/tasks/TaskSourceController.jsView file
    188return unavailable(c); L189: const task = await tasks.importService.import(param(c, 'workspaceId'), sourceParam(c), c.req.valid('json').ref); L190: return c.json(task, 201);
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/modules/tasks/TaskSourceController.jsView on unpkg · L188
    dist/crypto/encoding.jsView file
    30patternName = private_key_rsa severity = critical line = 30 matchedText = * (`----...CS#1
    Critical
    Secret Pattern

    RSA private key in dist/crypto/encoding.js

    dist/crypto/encoding.jsView on unpkg · L30
    31patternName = private_key_rsa severity = critical line = 31 matchedText = * (`----... via
    Critical
    Secret Pattern

    RSA private key in dist/crypto/encoding.js

    dist/crypto/encoding.jsView on unpkg · L31
    dist/github/GitHubAppAuth.d.tsView file
    4patternName = private_key_rsa severity = critical line = 4 matchedText = /** App .... */
    Critical
    Secret Pattern

    RSA private key in dist/github/GitHubAppAuth.d.ts

    dist/github/GitHubAppAuth.d.tsView on unpkg · L4

    Findings

    6 Critical2 Medium5 Low
    CriticalCritical Secretdist/crypto/encoding.d.ts
    CriticalSecret Patterndist/crypto/encoding.d.ts
    CriticalSecret Patterndist/crypto/encoding.d.ts
    CriticalSecret Patterndist/crypto/encoding.js
    CriticalSecret Patterndist/crypto/encoding.js
    CriticalSecret Patterndist/github/GitHubAppAuth.d.ts
    MediumDynamic Requiredist/modules/tasks/TaskSourceController.js
    MediumNetwork
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings
    LowNo License