AI Security Review
scanned 13d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. Network and WASM-loading behavior is part of a browser editor compatibility bundle and requires caller-provided asset URLs or documented CDN use.
Decision evidence
public snapshot- dist/kerebron.js uses fetch/XMLHttpRequest only for user-configured asset/WASM loading.
- dist/kerebron.js contains eval in bundled Emscripten/tree-sitter runtime support, not standalone payload execution.
- dist/kerebron.js writes only browser localStorage UI state keys for dev toolkit/menu order.
- package.json has no lifecycle scripts; entrypoints are dist/kerebron.js and dist/kerebron.cjs.
- Exports are editor compatibility APIs: CoreEditor, AdvancedEditorKit, ExtensionHistory, createAssetLoad.
- README.md documents CDN/browser usage and @kerebron/wasm asset loading.
- Unicode control scan found no Trojan Source bidi/invisible characters in package entrypoints.
- No credential/env harvesting, persistence, destructive filesystem writes, or exfiltration endpoints found.
Source & flagged code
3 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/kerebron.cjsView on unpkg · L16A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/kerebron.cjsView on unpkgPackage source references a known benign dynamic code generation pattern.
dist/kerebron.cjsView on unpkg · L26