AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a headless Elyx editor client that connects to Elyx API/websocket endpoints when user code calls setup/export helpers with credentials.
Static reason
One or more suspicious static signals were detected.
Trigger
Runtime import/use of Editor or explicit export/create-test CLI invocation
Impact
Fetches/updates Elyx project data using caller-provided tokens; optional CLI writes JSON/test boilerplate to user-selected paths.
Mechanism
package-aligned API/websocket client and optional local export writer
Rationale
Static inspection found user-invoked editor/export functionality with package-aligned network calls and local file writes, plus local token logging risk, but no install-time execution, exfiltration, remote payload execution, persistence, or destructive behavior. Scanner secret/network hints are explained by client configuration and normal Elyx service access.
Evidence
package.jsondist/config.jsdist/index.jsdist/export-project.jsdist/export-project-cli.jsdist/create-test-cli.js.env.testmock-project-record-*.json*.test.ts
Network endpoints6
api.dev.elyx.techws.dev.elyx.techapi.staging.elyx.techwss://ws.staging.elyx.techapi.elyx.techwss://ws.elyx.tech
Decision evidence
public snapshotAI called this Clean at 88.0% confidence as Benign with medium false-positive risk.
Evidence for block
- dist/index.js logs accessToken and refreshToken during setup, but only to local Logger and no exfil path was found.
- dist/export-project.js and CLI files read JWT env vars/.env.test and write user-requested export/test files.
Evidence against
- package.json has no preinstall/install/postinstall hooks and main is dist/index.js.
- dist/config.js contains publishable Stripe/Google/AWS Cognito client IDs and Elyx service URLs, not private secrets.
- Network use in dist/index.js is package-aligned API/websocket access to Elyx editor/publishing services with caller-provided tokens.
- No child_process, eval/vm/Function, native binary loading, persistence, destructive behavior, or AI-agent config mutation found.
- dist/export-project-cli.js and dist/create-test-cli.js are explicit user-invoked scripts, not lifecycle execution.
Behavioral surface
EnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcedist/config.jsView file
40patternName = google_api_key
severity = high
line = 40
matchedText = GOOGLE_P...EA',
High
40patternName = google_api_key
severity = high
line = 40
matchedText = GOOGLE_P...EA',
High
76patternName = google_api_key
severity = high
line = 76
matchedText = GOOGLE_P...EA',
High
111patternName = google_api_key
severity = high
line = 111
matchedText = GOOGLE_P...EA',
High
Findings
4 High2 Medium4 Low
HighHigh Secretdist/config.js
HighSecret Patterndist/config.js
HighSecret Patterndist/config.js
HighSecret Patterndist/config.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings