AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package exposes a user-invoked HTTPS mTLS federation client and envelope validation helpers aligned with the package description.
Static reason
One or more suspicious static signals were detected.
Trigger
Caller imports the package and invokes federationCall with a URL, envelope, and credentials.
Impact
Sends the caller-provided federation envelope to the caller-provided HTTPS endpoint.
Mechanism
caller-directed HTTPS POST with mTLS and certificate pinning
Rationale
Static source inspection shows the suspicious network and secret signals are package-aligned transport and PEM validation behavior, not install/import-time execution or credential exfiltration. No concrete malicious behavior, persistence, destructive action, AI-agent control mutation, or hidden payload was found.
Evidence
package.jsondist/index.jsdist/index.d.tsdist/test-helpers.jsdist/test-helpers.d.ts
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- dist/index.js imports node:https and performs HTTPS POST in federationCall default transport.
- dist/index.js accepts caller-supplied credentials and checks PEM markers, which likely triggered secret-pattern scanning.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks and exports only dist/index.js.
- dist/index.js network target is caller-supplied opts.url, restricted to https:, and used for documented mTLS federation transport.
- dist/index.js has no env reads, filesystem access, child_process, eval/vm/Function, dynamic require/import, native binaries, or persistence writes.
- dist/index.js PEM/private-key strings are validation markers; no embedded private key or credential value is present.
- dist/test-helpers.js and declaration files are not exported entrypoints and no hidden execution hooks were found.
Behavioral surface
CryptoFilesystemNetwork
Source & flagged code
4 flagged · loading sourcedist/index.jsView file
108patternName = private_key_rsa
severity = critical
line = 108
matchedText = if (!cre...) &&
Critical
108patternName = private_key_rsa
severity = critical
line = 108
matchedText = if (!cre...) &&
Critical
109patternName = private_key_rsa
severity = critical
line = 109
matchedText = !creds.c...) &&
Critical
110patternName = private_key_ec
severity = critical
line = 110
matchedText = !creds.c...)) {
Critical
Findings
4 Critical1 Medium2 Low
CriticalCritical Secretdist/index.js
CriticalSecret Patterndist/index.js
CriticalSecret Patterndist/index.js
CriticalSecret Patterndist/index.js
MediumNetwork
LowScripts Present
LowFilesystem