AI Security Review
scanned 1d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a compiled NestJS common library with decorators, guards, config validation, encryption, and utility exports; sensitive-looking strings are schema keys or environment variable names.
Static reason
One or more suspicious static signals were detected.
Trigger
Consumer imports library or explicitly calls config/helper APIs at runtime.
Impact
No evidence of credential harvesting, exfiltration, persistence, destructive behavior, or unconsented install-time mutation.
Mechanism
Runtime config validation and framework helper utilities
Rationale
Static source inspection shows legitimate framework/configuration utilities; scanner hits map to environment/config schema handling and benign crypto use. There is no lifecycle execution, automatic outbound networking, exfiltration, destructive action, or AI-agent control hijack.
Evidence
package.jsondist/index.jsdist/config/configuration.jsdist/config/env-config.service.jsdist/config/validation/keys.validation.jsdist/encryption.service.jsdist/utils/audit-signature.util.jsdist/decorators/cache/cache.decorator.js
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- dist/config/configuration.js can read consumer config.local.yaml and keys/config.json only when initConfig/initKeysConfig/getSecretConfigByKey are called.
- dist/config/env-config.service.js exposes env-derived config getters, including local/internal URLs and tokens.
- dist/config/validation/keys.validation.js contains credential field schemas such as private_key/apiKey/accessKey, not embedded secret values.
Evidence against
- package.json has no preinstall/install/postinstall hooks and no bin entry.
- dist/index.js only re-exports NestJS modules/utilities; no install-time mutation or network action found.
- No child_process, eval/vm/Function, native binary loading, broad filesystem writes, or AI-agent control-surface writes found.
- Crypto use is package-aligned: AES-256-GCM encryption, HMAC-SHA256 audit signatures, and MD5 only for cache/feature bucketing keys.
- Network strings are config schemas/examples/default localhost values; no exfiltration endpoint or automatic outbound request found.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystem
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/config/validation/keys.validation.jsView file
37patternName = private_key_rsa
severity = critical
line = 37
matchedText = .refine(...), {
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/config/validation/keys.validation.jsView on unpkg · L3737patternName = private_key_rsa
severity = critical
line = 37
matchedText = .refine(...), {
Critical
Secret Pattern
RSA private key in dist/config/validation/keys.validation.js
dist/config/validation/keys.validation.jsView on unpkg · L37dist/decorators/cache/cache.decorator.jsView file
32* })
L33: * async updateUser(userId: string, data: any) { ... }
L34: * ```
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/decorators/cache/cache.decorator.jsView on unpkg · L32Findings
2 Critical1 Medium6 Low
CriticalCritical Secretdist/config/validation/keys.validation.js
CriticalSecret Patterndist/config/validation/keys.validation.js
MediumEnvironment Vars
LowScripts Present
LowWeak Cryptodist/decorators/cache/cache.decorator.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License