registry  /  @embarkai/core  /  0.4.0

@embarkai/core@0.4.0

Framework-agnostic core SDK for EmbarkAI smart accounts

AI Security Review

scanned 7d ago · by lpm-firewall-ai

No confirmed malicious attack surface was found. The package is a web3 smart-account SDK with user-invoked auth, bundler, vault, blockchain RPC, and optional encrypted local keyshare storage behavior.

Static reason
One or more suspicious static signals were detected.
Trigger
Import initializes token manager storage read; network/file effects occur when application calls exported SDK methods.
Impact
Expected authentication, wallet, vault backup, and blockchain operations; no credential harvesting or unconsented exfiltration identified.
Mechanism
Package-aligned SDK API calls and explicit encrypted keyshare storage
Rationale
Static inspection shows expected SDK behavior: exported methods manage JWTs, call EmbarkAI/blockchain services, and optionally store encrypted keyshares. Scanner hits for network, environment variables, tokens, and file I/O are package-aligned and not evidence of malicious install/import-time behavior.
Evidence
package.jsondist/index.cjsdist/clients/index.cjsdist/clients/node.cjsREADME.mddata/keyshares/*.keyshare
Network endpoints9
api.embarkai.io/tssapi.embarkai.io/vaultapi.embarkai.io/rundlerapi.embarkai.io/rundler-arbitrum-sepoliaapi.embarkai.io/rundler-base-sepoliaapi.embarkai.io/rundler-bscapi.embarkai.io/rundler-lark-testnetapi.embarkai.io/rundler-sepoliadashboard.embarkai.io/api

Decision evidence

public snapshot
AI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no lifecycle hooks; scripts are developer-invoked only.
    • dist/index.cjs import initializes JwtTokenManager but only reads configured/local storage; no install-time network or shell execution.
    • Network calls are SDK auth/bundler/vault/blockchain APIs invoked by exported functions, mainly api.embarkai.io and configured RPC/explorer URLs.
    • dist/clients/node.cjs file access is explicit FileKeyshareStorage for encrypted keyshare persistence under config storageDir or ./data/keyshares.
    • Dynamic imports are limited to viem, crypto, and optional dkls23-wasm; no eval, child_process, or hidden downloader found.
    • README env/API-key examples match documented SDK configuration, not embedded secrets.
    Behavioral surface
    Source
    CryptoEnvironmentVarsFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 20 file(s), 926 KB of source, external domains: api.embarkai.io, arbitrum-sepolia-rpc.publicnode.com, base-sepolia-rpc.publicnode.com, beam-explorer.lumia.org, beam-rpc.lumia.org, bnb-testnet.g.alchemy.com, bsc-testnet-rpc.publicnode.com, bsc-testnet.core.chainstack.com, dashboard.embarkai.io, eth.drpc.org, ethereum-rpc.publicnode.com, ethereum-sepolia-rpc.publicnode.com, explorer.lumia.org, lark-explorer.18102024.xyz, lark-rpc.18102024.xyz, mainnet-rpc.lumia.org, rpc.ankr.com, sepolia.arbiscan.io, sepolia.basescan.org, sepolia.etherscan.io, smart-cold-bush.bsc-testnet.quiknode.pro, testnet.bscscan.com

    Source & flagged code

    4 flagged · loading source
    dist/clients/index.jsView file
    593patternName = generic_password severity = medium line = 593 matchedText = "Failed ...or))
    Medium
    Secret Pattern

    Package contains a possible secret pattern.

    dist/clients/index.jsView on unpkg · L593
    dist/clients/index.cjsView file
    595patternName = generic_password severity = medium line = 595 matchedText = "Failed ...or))
    Medium
    Secret Pattern

    Hardcoded password in dist/clients/index.cjs

    dist/clients/index.cjsView on unpkg · L595
    dist/index.jsView file
    2684patternName = generic_password severity = medium line = 2684 matchedText = "Failed ...or))
    Medium
    Secret Pattern

    Hardcoded password in dist/index.js

    dist/index.jsView on unpkg · L2684
    dist/index.cjsView file
    2685patternName = generic_password severity = medium line = 2685 matchedText = "Failed ...or))
    Medium
    Secret Pattern

    Hardcoded password in dist/index.cjs

    dist/index.cjsView on unpkg · L2685

    Findings

    6 Medium4 Low
    MediumSecret Patterndist/clients/index.js
    MediumNetwork
    MediumEnvironment Vars
    MediumSecret Patterndist/clients/index.cjs
    MediumSecret Patterndist/index.js
    MediumSecret Patterndist/index.cjs
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings