AI Security Review
scanned 13d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The risky primitives are package-aligned browser editor and wasm-loader behavior.
Decision evidence
public snapshot- package.json has no preinstall/install/postinstall scripts and only exports dist JS/CSS entrypoints.
- dist/kerebron.js fetch usage is browser/wasm asset loading, including createAssetLoad(base)(name) from caller-supplied asset base.
- dist/kerebron.js eval occurs inside bundled Emscripten/web-tree-sitter wasm glue for EM_ASM/EM_JS handling, not obfuscated remote code execution.
- dist/kerebron.js localStorage usage stores editor/dev-toolkit snapshots and toolbar order only.
- Unicode control match is a zero-width character in an editor insertion string, not hidden control-flow/source spoofing.
- No credential/env harvesting, exfiltration endpoint, persistence, destructive behavior, or AI-agent control-surface writes found.
Source & flagged code
3 flagged · loading sourceSource contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/kerebron.cjsView on unpkg · L16A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/kerebron.cjsView on unpkgPackage source references a known benign dynamic code generation pattern.
dist/kerebron.cjsView on unpkg · L26