AI Security Review
scanned 13h ago · by lpm-firewall-aiInstalling the package triggers an unprompted write into the consuming repository. The installed workflow persists in .github/workflows, runs on pushes, and registers repository metadata with a third-party endpoint.
Decision evidence
public snapshot- package.json runs bin/postinstall.cjs on install.
- bin/postinstall.cjs silently writes .github/workflows/sync-package-registry.yml in the consumer project.
- The injected workflow runs on every push and calls an external DigitalOcean registry.
- The workflow obtains repository metadata through GITHUB_TOKEN and transmits package, owner, repo, and repo ID externally.
- bin/update-lystech-package.yml includes a write-permission workflow that installs a caller-selected package and deploys.
- No source path reads or sends local credentials, SSH keys, npm tokens, or environment files.
- The bundled runtime is a React/Firebase/UI library; its observed network hosts are application-service endpoints.
- User-invoked bin/check-pwa.cjs only changes PWA files when --fix or --create is passed.
Source & flagged code
12 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgSource appears to send environment or credential material to an external endpoint.
dist/lystech-core-provider.umd.jsView on unpkg · L16A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/lystech-core-provider.umd.jsView on unpkg · L16Package contains a high-severity secret pattern.
dist/lystech-core-provider.umd.jsView on unpkg · L1727Google API key in dist/lystech-core-provider.umd.js
dist/lystech-core-provider.umd.jsView on unpkg · L1727Package contains source files above the static scanner size ceiling.
dist/lystech-core-provider.es.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
bin/attach.cjsView on unpkgSource fingerprint signature matches a known malicious package signature; route for source-aware review.
bin/attach.cjsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
bin/check-pwa.cjsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
bin/postinstall.cjsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
bin/setup-registry.cjsView on unpkg