registry  /  @cat-factory/server  /  0.71.2

@cat-factory/server@0.71.2

Runtime-neutral HTTP layer for the Agent Architecture Board: the Hono controllers, middleware (auth/authz/CORS/error), request helpers and the gateway seams shared by every deployment facade (Cloudflare Worker, Node service).

AI Security Review

scanned 2d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package is a runtime-neutral Hono HTTP server layer with package-aligned OAuth, GitHub, LLM proxy, and web-search network behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
Runtime server routes invoked by an application using the package
Impact
Expected backend integrations; no install-time execution, exfiltration, persistence, or agent-control hijack identified
Mechanism
Authenticated controller and proxy logic
Rationale
Static inspection found package-aligned server/proxy capabilities but no lifecycle hook, import-time payload, credential harvesting, persistence, destructive behavior, or broad AI-agent control-surface mutation. Scanner hits are explainable as normal HTTP/OAuth/crypto helper code for this backend package.
Evidence
package.jsondist/index.jsdist/app.jsdist/crypto/encoding.d.tsdist/crypto/encoding.jsdist/modules/tasks/TaskSourceController.jsdist/modules/llmProxy/LlmProxyController.jsdist/modules/webSearch/upstreams.jsdist/auth/GitHubOAuth.jsdist/auth/GoogleOAuth.jsdist/auth/LinearOAuth.js
Network endpoints8
api.search.brave.com/res/v1/web/searchgithub.com/login/oauth/access_tokengithub.com/useraccounts.google.comoauth2.googleapis.com/tokenwww.googleapis.com/oauth2/v3/userinfolinear.app/oauth/authorizeapi.linear.app/oauth/token

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • Runtime HTTP controllers proxy LLM, web search, OAuth, GitHub, Linear requests.
  • dist/modules/llmProxy/LlmProxyController.js forwards authenticated requests to configured upstreams.
  • dist/modules/webSearch/upstreams.js can call Brave or configured SearXNG endpoint.
Evidence against
  • package.json has no npm lifecycle hooks or bin entrypoint.
  • dist/index.js and dist/app.js export/register Hono controllers; no import-time execution beyond module definitions.
  • dist/crypto/encoding.d.ts private-key text is documentation for PEM parsing, not an embedded secret.
  • No child_process, eval/new Function, dynamic require, native binary loading, or AI-agent control-surface writes found.
  • User/configured URLs are described as SSRF-guarded in web search and local-runner proxy paths.
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 124 file(s), 740 KB of source, external domains: accounts.google.com, api.github.com, api.linear.app, api.search.brave.com, github.com, linear.app, oauth2.googleapis.com, www.googleapis.com

Source & flagged code

7 flagged · loading source
dist/crypto/encoding.d.tsView file
7patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/crypto/encoding.d.tsView on unpkg · L7
7patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.d.ts

dist/crypto/encoding.d.tsView on unpkg · L7
8patternName = private_key_rsa severity = critical line = 8 matchedText = * (`----... via
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.d.ts

dist/crypto/encoding.d.tsView on unpkg · L8
dist/modules/tasks/TaskSourceController.jsView file
188return unavailable(c); L189: const task = await tasks.importService.import(param(c, 'workspaceId'), sourceParam(c), c.req.valid('json').ref); L190: return c.json(task, 201);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/modules/tasks/TaskSourceController.jsView on unpkg · L188
dist/crypto/encoding.jsView file
30patternName = private_key_rsa severity = critical line = 30 matchedText = * (`----...CS#1
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.js

dist/crypto/encoding.jsView on unpkg · L30
31patternName = private_key_rsa severity = critical line = 31 matchedText = * (`----... via
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.js

dist/crypto/encoding.jsView on unpkg · L31
dist/github/GitHubAppAuth.d.tsView file
4patternName = private_key_rsa severity = critical line = 4 matchedText = /** App .... */
Critical
Secret Pattern

RSA private key in dist/github/GitHubAppAuth.d.ts

dist/github/GitHubAppAuth.d.tsView on unpkg · L4

Findings

6 Critical2 Medium5 Low
CriticalCritical Secretdist/crypto/encoding.d.ts
CriticalSecret Patterndist/crypto/encoding.d.ts
CriticalSecret Patterndist/crypto/encoding.d.ts
CriticalSecret Patterndist/crypto/encoding.js
CriticalSecret Patterndist/crypto/encoding.js
CriticalSecret Patterndist/github/GitHubAppAuth.d.ts
MediumDynamic Requiredist/modules/tasks/TaskSourceController.js
MediumNetwork
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License