AI Security Review
scanned 3d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is an explicitly invoked Hiver/Docker CLI and local inspector.
Static reason
No blocking static signals were detected.
Trigger
User runs a `hiver` subcommand such as `connect`, `up`, `inspect`, or `bundle`.
Impact
May create `~/.hiver` config/traces and operate selected Docker or Hiver sandbox resources; no covert behavior found.
Mechanism
User-directed Docker orchestration and configured Hiver gateway access.
Rationale
Static source inspection shows no install-time execution or covert malicious chain. The sensitive operations are package-aligned, explicitly user-invoked CLI features with confirmation for Docker installation.
Evidence
package.jsonpackages/commands/bin.jspackages/commands/dist/cli.jspackages/commands/dist/commands.jspackages/commands/dist/config.jspackages/commands/dist/docker.jspackages/commands/dist/inspect/recorder.jspackages/inspector-server/dist/index.jspackages/inspector-server/dist/routes/config.jspackages/inspector-server/dist/routes/sandboxes.js~/.hiver/config.json~/.hiver/traces
Network endpoints2
localhost:10000get.docker.com
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- `packages/commands/dist/docker.js` can run a Docker installer, but only after an interactive confirmation.
- `packages/commands/dist/config.js` writes CLI state under `~/.hiver` on explicit commands.
- `packages/commands/dist/inspect/recorder.js` records selected sandbox data to a local trace file.
Evidence against
- `package.json` has no preinstall, install, or postinstall lifecycle hook.
- `packages/commands/bin.js` only forwards user CLI arguments to the packaged command router.
- `packages/commands/dist/cli.js` dynamically imports only entries from a fixed command registry.
- Gateway traffic targets the configured Hiver URL or `http://localhost:10000`.
- No credential harvesting, AI-agent config mutation, hidden persistence, or third-party exfiltration was found.
- Inspector server routes proxy user-selected Hiver sandbox operations rather than execute import-time actions.
Behavioral surface
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShellWebSocket
HighEntropyStringsMinifiedObfuscatedUrlStrings
NoLicense
Oversized source lightweight scan
packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.js5.10 MB file, sampled 256 KB
ChildProcessShellObfuscatedHighEntropyStringsMinifiedUrlStringscdn.jsdelivr.netgithub.com
Source & flagged code
2 flagged · loading sourcepackages/inspector-client/dist/assets/index-BpDteTnV.jsView file
45* See the LICENSE file in the root directory of this source tree.
L46: */function WorkerWrapper(options){let objURL;try{if(objURL=blob&&(self.URL||self.webkitURL).createObjectURL(blob),!objURL)throw"";const worker=new Worker(objURL,{name:null==options...
L47: /*!
Low
Eval
Package source references a known benign dynamic code generation pattern.
packages/inspector-client/dist/assets/index-BpDteTnV.jsView on unpkg · L45packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.jsView file
•path = packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.js
kind = oversized_source_file
sizeBytes = 5344467
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
packages/inspector-client/dist/assets/monacoThemes-PBddIj7-.jsView on unpkgFindings
1 High3 Medium7 Low
HighOversized Source Filepackages/inspector-client/dist/assets/monacoThemes-PBddIj7-.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvalpackages/inspector-client/dist/assets/index-BpDteTnV.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License