@cat-factory/server@0.68.1

Runtime-neutral HTTP layer for the Agent Architecture Board: the Hono controllers, middleware (auth/authz/CORS/error), request helpers and the gateway seams shared by every deployment facade (Cloudflare Worker, Node service).

AI Security Review

scanned 2d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a runtime-neutral HTTP server layer whose network and credential flows are expected for OAuth, GitHub integration, LLM proxying, web search, runner pools, and persistence RPC.

Static reason
One or more suspicious static signals were detected.
Trigger
User/runtime-invoked Hono routes after an application facade wires the server container
Impact
No install-time/import-time execution or unconsented exfiltration identified
Mechanism
package-aligned HTTP controllers and service delegation
Rationale
Static inspection shows a large server-side integration package with expected network, OAuth, credential encryption, and agent-runner plumbing, but no lifecycle execution, hidden dynamic loading, shell execution, local credential harvesting, or concrete exfiltration path. Scanner findings are explained by package-aligned helpers and comments/types rather than malicious behavior.
Evidence
  • package.json
  • dist/index.js
  • dist/app.js
  • dist/modules/tasks/TaskSourceController.js
  • dist/crypto/encoding.js
  • dist/modules/webSearch/upstreams.js
  • dist/agents/ContainerAgentExecutor.js
  • dist/modules/llmProxy/LlmProxyController.js
Network endpoints (8)
  • api.search.brave.com/res/v1/web/search
  • linear.app
  • api.linear.app/oauth/token
  • accounts.google.com
  • www.googleapis.com
  • oauth2.googleapis.com/token
  • github.com
  • api.github.com

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • Network-capable server package proxies OAuth, GitHub, LLM, web-search, and persistence requests when runtime routes are invoked.
  • ContainerAgentExecutor can pass GitHub and subscription credentials to configured runner transports during user-initiated agent jobs.
Evidence against
  • package.json has no lifecycle scripts; main is dist/index.js with exports only.
  • dist/modules/tasks/TaskSourceController.js dynamic_require hint is a false positive: requireTasks is a local helper, no require()/import().
  • dist/crypto/encoding.d.ts secret hint is only PEM-format documentation; no embedded key material.
  • rg found no child_process/shell execution, eval/Function, lifecycle hooks, or AI-agent control-surface file writes.
  • Network endpoints are package-aligned: GitHub/OAuth/Linear/Google/Brave/SearXNG/LLM proxy flows behind Hono controllers.
  • Credential handling is explicit: tokens are write-only/redacted or encrypted; GitHub installation tokens are in-memory cached.
Behavioral surface
Source
ChildProcess, DynamicRequire, Filesystem, Network
Supply chain
HighEntropyStrings, UrlStrings
Manifest
NoLicense
scanned 123 file(s), 729 KB of source, external domains: accounts.google.com, api.github.com, api.linear.app, api.search.brave.com, github.com, linear.app, oauth2.googleapis.com, www.googleapis.com

Source & flagged code

7 flagged
dist/crypto/encoding.d.ts
L7: patternName = private_key_rsa, severity = critical, line = 7, matchedText = * (`----...CS#1
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/crypto/encoding.d.ts · L7
L7: patternName = private_key_rsa, severity = critical, line = 7, matchedText = * (`----...CS#1
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.d.ts

dist/crypto/encoding.d.ts · L7
L8: patternName = private_key_rsa, severity = critical, line = 8, matchedText = * (`----... via
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.d.ts

dist/crypto/encoding.d.ts · L8
dist/modules/tasks/TaskSourceController.js
L188: return unavailable(c);
L189: const task = await tasks.importService.import(param(c, 'workspaceId'), sourceParam(c), c.req.valid('json').ref);
L190: return c.json(task, 201);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/modules/tasks/TaskSourceController.js · L188
dist/crypto/encoding.js
L30: patternName = private_key_rsa, severity = critical, line = 30, matchedText = * (`----...CS#1
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.js

dist/crypto/encoding.js · L30
L31: patternName = private_key_rsa, severity = critical, line = 31, matchedText = * (`----... via
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.js

dist/crypto/encoding.js · L31
dist/github/GitHubAppAuth.d.ts
L4: patternName = private_key_rsa, severity = critical, line = 4, matchedText = /** App .... */
Critical
Secret Pattern

RSA private key in dist/github/GitHubAppAuth.d.ts

dist/github/GitHubAppAuth.d.ts · L4

Findings

6 Critical · 2 Medium · 5 Low
  • Critical · Critical Secret · dist/crypto/encoding.d.ts
  • Critical · Secret Pattern · dist/crypto/encoding.d.ts
  • Critical · Secret Pattern · dist/crypto/encoding.d.ts
  • Critical · Secret Pattern · dist/crypto/encoding.js
  • Critical · Secret Pattern · dist/crypto/encoding.js
  • Critical · Secret Pattern · dist/github/GitHubAppAuth.d.ts
  • Medium · Dynamic Require · dist/modules/tasks/TaskSourceController.js
  • Medium · Network
  • Low · Scripts Present
  • Low · Filesystem
  • Low · High Entropy Strings
  • Low · Url Strings
  • Low · No License