AI Security Review
scanned 3h ago · by lpm-firewall-aiExplicit runtime APIs can execute server-fetched plugin JavaScript with host-process capabilities. An explicit browser-extension API can execute returned commands in an active tab, including custom JavaScript.
Static reason
No blocking static signals were detected.
Trigger
Caller invokes `initializePlugin(..., { execute: true })` or `executeBrowserCommands(...)` in a Chrome extension context.
Impact
A compromised or malicious cloud plugin/command response could execute code with the invoking Node process or extension-tab permissions.
Mechanism
Remote plugin VM execution and browser-tab command execution.
Rationale
No malicious install-time, credential-harvesting, persistence, or stealth behavior was found. The package nevertheless exposes explicit remote-content execution paths with broad host/browser authority, warranting a warning.
Evidence
package.jsonbuild/index.jsbuild/CloudResourceAPI.jsbuild/PluginManager.jsbuild/BrowserAutomationManager.jsbuild/CloudDatabaseManager.jsREADME.md
Network endpoints1
core.juggernautlabs.ai
Decision evidence
public snapshotAI called this Suspicious at 91.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
- `build/index.js` fetches plugin content then executes it when `execute: true`.
- `build/PluginManager.js` runs fetched script with `vm.runInContext`.
- Plugin VM exposes `require`, `process`, `global`, `fetch`, and `Buffer`.
- `build/BrowserAutomationManager.js` executes cloud-result commands in active Chrome tabs, including `new Function`.
- Browser automation requires an explicit runtime call and Chrome extension APIs.
Evidence against
- `package.json` has no preinstall/install/postinstall hook; only `prepublishOnly`.
- No package code reads local credentials, agent configuration, or filesystem paths before user-invoked APIs.
- Network requests target the package-aligned `https://core.juggernautlabs.ai` API.
- No persistence, destructive shell execution, or import-time remote payload execution found.
Behavioral surface
CryptoDynamicRequireEvalNetwork
MinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcebuild/esm/BrowserAutomationManager.jsView file
191try {
L192: const fn = new Function('args', command.fn);
L193: return { executed: true, result: fn(command.args) };
Low
Eval
Package source references a known benign dynamic code generation pattern.
build/esm/BrowserAutomationManager.jsView on unpkg · L191build/CloudDatabaseManager.jsView file
6exports.DatabaseSchema = void 0;
L7: const CloudResourceAPI_js_1 = __importDefault(require("./CloudResourceAPI.js"));
L8: class CloudDatabaseManager {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
build/CloudDatabaseManager.jsView on unpkg · L6build/esm/PluginManager.jsView file
17__filename: pluginName,
L18: __dirname: '',
L19: process,
...
L33: FileReader: globalThis.FileReader,
L34: FormData: globalThis.FormData,
L35: ReadableStream: globalThis.ReadableStream,
...
L38: TextEncoder: globalThis.TextEncoder,
L39: TextDecoder: globalThis.TextDecoder,
L40: EventTarget: globalThis.EventTarget,
Medium
Unsafe Vm Context
Package source executes code through a VM context API.
build/esm/PluginManager.jsView on unpkg · L17Findings
3 Medium4 Low
MediumDynamic Requirebuild/CloudDatabaseManager.js
MediumUnsafe Vm Contextbuild/esm/PluginManager.js
MediumNetwork
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvalbuild/esm/BrowserAutomationManager.js
LowUrl Strings