AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface by static source inspection. The package is a React wallet/auth connector with runtime OAuth, gRPC, and Hyperliquid API calls.
Static reason
One or more suspicious static signals were detected.
Trigger
Importing/using React provider, login, or EOA wallet actions at runtime
Impact
Expected authentication, token refresh, wallet/agent signing, and exchange API access for the library
Mechanism
User-invoked auth and trading client operations
Rationale
The suspicious network and token handling are aligned with the package's documented Hypurr/Hyperliquid wallet connector purpose, and source inspection found no install-time payload, exfiltration, persistence, or foreign AI-agent control-surface mutation. The git dependency and prepare husky script are development/package-maintenance signals rather than concrete malicious behavior in the published source.
Evidence
package.jsonsrc/index.tssrc/grpc.tssrc/HypurrConnectProvider.tsxsrc/agent.tssrc/privateKeySigner.tssrc/types.tsdist/index.js
Network endpoints9
grpc.hypurr.funauth.hypurr.fun/loginmedia.hypurr.funapi.hyperliquid.xyz/infoapi.hyperliquid-testnet.xyz/infoapi.hyperliquid.xyz/exchangeapi.hyperliquid-testnet.xyz/exchangeapi-ui.hyperliquid-testnet.xyz/exchangefonts.googleapis.com/css2
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json has prepare:"husky", but no postinstall/preinstall and no .husky files in package listing
- Runtime stores auth/agent data in browser localStorage/sessionStorage
- EOA flow generates and stores a local agent private key after wallet signing
Evidence against
- package.json entrypoints are dist/index.js and src/index.ts React exports, not install-time code
- rg found no child_process, fs writes, eval/new Function, dynamic require, AI-agent config writes, or shell persistence
- Network calls are product-aligned: Hypurr auth/gRPC and Hyperliquid info/exchange APIs
- Telegram OAuth uses state/code verifier and configured/default auth hub token exchange
- Agent approval requires caller-provided wallet signer and posts signed approveAgent to Hyperliquid
Behavioral surface
ChildProcessNetwork
HighEntropyStringsUrlStrings
GitDependencyNoLicense
Source & flagged code
1 flagged · loading sourcepackage.jsonView file
•Published source reference
Low
Suspicious Lifecycle Evidence
package.json has prepare:"husky", but no postinstall/preinstall and no .husky files in package listing
package.jsonView on unpkgFindings
2 Medium8 Low
MediumNetwork
MediumGit Dependency
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License
LowSuspicious Lifecycle Evidencepackage.json
LowAi Review Evidence
LowAi Review Evidence