registry  /  @crewhaus/federation-protocol  /  0.1.8

@crewhaus/federation-protocol@0.1.8

Cross-deployment A2A wire protocol: federation envelope (extends @crewhaus/a2a-protocol) + mTLS HTTPS POST transport with cert pinning (Section 34)

AI Security Review

scanned 2d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package exposes a user-invoked HTTPS mTLS federation client and envelope validation helpers aligned with the package description.

Static reason
One or more suspicious static signals were detected.
Trigger
Caller imports the package and invokes federationCall with a URL, envelope, and credentials.
Impact
Sends the caller-provided federation envelope to the caller-provided HTTPS endpoint.
Mechanism
caller-directed HTTPS POST with mTLS and certificate pinning
Rationale
Static source inspection shows the suspicious network and secret signals are package-aligned transport and PEM validation behavior, not install/import-time execution or credential exfiltration. No concrete malicious behavior, persistence, destructive action, AI-agent control mutation, or hidden payload was found.
Evidence
package.jsondist/index.jsdist/index.d.tsdist/test-helpers.jsdist/test-helpers.d.ts

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/index.js imports node:https and performs HTTPS POST in federationCall default transport.
  • dist/index.js accepts caller-supplied credentials and checks PEM markers, which likely triggered secret-pattern scanning.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks and exports only dist/index.js.
  • dist/index.js network target is caller-supplied opts.url, restricted to https:, and used for documented mTLS federation transport.
  • dist/index.js has no env reads, filesystem access, child_process, eval/vm/Function, dynamic require/import, native binaries, or persistence writes.
  • dist/index.js PEM/private-key strings are validation markers; no embedded private key or credential value is present.
  • dist/test-helpers.js and declaration files are not exported entrypoints and no hidden execution hooks were found.
Behavioral surface
Source
CryptoFilesystemNetwork
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 10.1 KB of source

Source & flagged code

4 flagged · loading source
dist/index.jsView file
108patternName = private_key_rsa severity = critical line = 108 matchedText = if (!cre...) &&
Critical
Critical Secret

Package contains a critical-looking secret pattern.

dist/index.jsView on unpkg · L108
108patternName = private_key_rsa severity = critical line = 108 matchedText = if (!cre...) &&
Critical
Secret Pattern

RSA private key in dist/index.js

dist/index.jsView on unpkg · L108
109patternName = private_key_rsa severity = critical line = 109 matchedText = !creds.c...) &&
Critical
Secret Pattern

RSA private key in dist/index.js

dist/index.jsView on unpkg · L109
110patternName = private_key_ec severity = critical line = 110 matchedText = !creds.c...)) {
Critical
Secret Pattern

EC private key in dist/index.js

dist/index.jsView on unpkg · L110

Findings

4 Critical1 Medium2 Low
CriticalCritical Secretdist/index.js
CriticalSecret Patterndist/index.js
CriticalSecret Patterndist/index.js
CriticalSecret Patterndist/index.js
MediumNetwork
LowScripts Present
LowFilesystem