AI Security Review
scanned 11m ago · by lpm-firewall-ai
No confirmed malicious attack surface was established. The package exposes a federation protocol library with explicit runtime HTTPS POST transport and certificate validation.
Static reason
One or more suspicious static signals were detected.
Trigger
Application code imports the library and calls federationCall or test helper functions.
Impact
Sends caller-provided envelope data to caller-provided HTTPS URL; no automatic install/import-time execution or exfiltration observed.
Mechanism
User-invoked mTLS HTTPS POST and local fixture reads for tests
Rationale
Static inspection shows the flagged network and PEM indicators are expected for a federation mTLS transport library and test fixtures, with no lifecycle hook or automatic execution path. No credential harvesting, hardcoded endpoint exfiltration, shell execution, persistence, destructive behavior, or AI-agent control-surface mutation was found.
Evidence
- package.json
- dist/index.js
- dist/test-helpers.js
- dist/index.d.ts
- src/fixtures-cert.pem
- src/fixtures-key.pem
- src/fixtures-other-cert.pem
- src/fixtures-other-key.pem
Network endpoints (4)
- crewhaus.ai
- git+https://github.com/crewhaus/factory.git
- github.com/crewhaus/factory/tree/main/packages/federation-protocol#readme
- github.com/crewhaus/factory/issues
Decision evidence
public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no preinstall/install/postinstall hooks and exports only dist/index.js.
- dist/index.js only validates/serializes federation envelopes and posts user-supplied envelopes to user-supplied HTTPS URLs with mTLS.
- Network API use is package-aligned transport code; no hardcoded exfiltration host is present.
- Secret-like PEM markers are credential validation strings, not embedded private keys in dist/index.js.
- No child_process, eval/vm/Function, dynamic require/import, persistence, destructive writes, or AI-agent config mutation found.
- dist/test-helpers.js reads local test fixture PEM paths only when explicitly imported; it is not exported by package.json.
Behavioral surface
Crypto · Filesystem · Network
Source & flagged code
4 flagged · dist/index.js
Line 108
patternName = private_key_rsa
severity = critical
line = 108
matchedText = if (!cre...) &&
Critical
Line 108
patternName = private_key_rsa
severity = critical
line = 108
matchedText = if (!cre...) &&
Critical
Line 109
patternName = private_key_rsa
severity = critical
line = 109
matchedText = !creds.c...) &&
Critical
Line 110
patternName = private_key_ec
severity = critical
line = 110
matchedText = !creds.c...)) {
Critical
Findings
4 Critical · 1 Medium · 2 Low
- Critical · Critical Secret · dist/index.js
- Critical · Secret Pattern · dist/index.js
- Critical · Secret Pattern · dist/index.js
- Critical · Secret Pattern · dist/index.js
- Medium · Network
- Low · Scripts Present
- Low · Filesystem