@cat-factory/server@0.79.4

Runtime-neutral HTTP layer for the Agent Architecture Board: the Hono controllers, middleware (auth/authz/CORS/error), request helpers and the gateway seams shared by every deployment facade (Cloudflare Worker, Node service).

AI Security Review

scanned 6h ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The package is a runtime-neutral Hono server layer with authenticated controllers, OAuth clients, GitHub APIs, LLM proxying, and container-agent dispatch as product functionality.

Static reason
One or more suspicious static signals were detected.
Trigger
User/runtime invocation of exported server controllers and services; no install-time trigger.
Impact
No evidence of unconsented execution, credential harvesting, exfiltration, persistence, or AI-agent control-surface hijack.
Mechanism
Package-aligned HTTP controller and backend integration logic
Rationale
Static inspection found no lifecycle execution, prompt/agent control-surface mutation, hidden dynamic loading, destructive behavior, or credential exfiltration. The suspicious primitives are consistent with a server package for authenticated OAuth/GitHub/LLM/container workflows and are activated by runtime API use.
Evidence
package.json, dist/index.js, dist/app.js, dist/modules/tasks/TaskSourceController.js, dist/modules/webSearch/upstreams.js, dist/crypto/encoding.js, dist/agents/ContainerAgentExecutor.js, dist/modules/llmProxy/LlmProxyController.js
Network endpoints (8)
api.search.brave.com/res/v1/web/search, github.com, api.github.com, accounts.google.com, www.googleapis.com, oauth2.googleapis.com/token, linear.app, api.linear.app/oauth/token

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/agents/ContainerAgentExecutor.js contains agent job dispatch logic that can pass GitHub and subscription tokens to configured runner transports, but only during authenticated runtime workflows.
Evidence against
  • package.json has no npm lifecycle hooks or bin entries; main is dist/index.js exports only.
  • dist/index.js re-exports server modules and does not perform install-time or import-time side effects.
  • dist/modules/tasks/TaskSourceController.js is Hono route wiring for configured task integrations; scanner dynamic-require hint is not present in source.
  • dist/crypto/encoding.js only parses caller-supplied PEM/base64url data; no embedded secret was found.
  • Network use is package-aligned OAuth, GitHub, LLM proxy, and web-search server functionality with auth/SSRF guards in inspected code.
  • No writes to AI-agent control surfaces, shell startup files, VCS hooks, or persistence locations were found.
Behavioral surface
Source
ChildProcess, DynamicRequire, Filesystem, Network
Supply chain
HighEntropyStrings, UrlStrings
Manifest
NoLicense
scanned 129 file(s), 808 KB of source, external domains: accounts.google.com, api.github.com, api.linear.app, api.search.brave.com, github.com, linear.app, oauth2.googleapis.com, www.googleapis.com

Source & flagged code

7 flagged
dist/crypto/encoding.d.ts
L7: patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/crypto/encoding.d.ts · L7
L7: patternName = private_key_rsa severity = critical line = 7 matchedText = * (`----...CS#1
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.d.ts

dist/crypto/encoding.d.ts · L7
L8: patternName = private_key_rsa severity = critical line = 8 matchedText = * (`----... via
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.d.ts

dist/crypto/encoding.d.ts · L8
dist/modules/tasks/TaskSourceController.js
L188: return unavailable(c); L189: const task = await tasks.importService.import(param(c, 'workspaceId'), sourceParam(c), c.req.valid('json').ref); L190: return c.json(task, 201);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/modules/tasks/TaskSourceController.js · L188
dist/crypto/encoding.js
L30: patternName = private_key_rsa severity = critical line = 30 matchedText = * (`----...CS#1
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.js

dist/crypto/encoding.js · L30
L31: patternName = private_key_rsa severity = critical line = 31 matchedText = * (`----... via
Critical
Secret Pattern

RSA private key in dist/crypto/encoding.js

dist/crypto/encoding.js · L31
dist/github/GitHubAppAuth.d.ts
L4: patternName = private_key_rsa severity = critical line = 4 matchedText = /** App .... */
Critical
Secret Pattern

RSA private key in dist/github/GitHubAppAuth.d.ts

dist/github/GitHubAppAuth.d.ts · L4

Findings

6 Critical, 2 Medium, 5 Low
Critical · Critical Secret · dist/crypto/encoding.d.ts
Critical · Secret Pattern · dist/crypto/encoding.d.ts
Critical · Secret Pattern · dist/crypto/encoding.d.ts
Critical · Secret Pattern · dist/crypto/encoding.js
Critical · Secret Pattern · dist/crypto/encoding.js
Critical · Secret Pattern · dist/github/GitHubAppAuth.d.ts
Medium · Dynamic Require · dist/modules/tasks/TaskSourceController.js
Medium · Network
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings
Low · No License