registry  /  @meridial/react  /  0.4.6

@meridial/react@0.4.6

A React library for embedding the Meridial in-app voice assistant.

AI Security Review

scanned 11h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Runtime network and cobrowse behavior are package-aligned for an in-app voice/support widget and require the embedded Voicebox session to be opened/connected.

Static reason
One or more suspicious static signals were detected.
Trigger
User embeds Voicebox and opens/connects the widget at runtime
Impact
Sends configured publishable key, identifier, instructions, metadata, media/session data, and optional cobrowse events to the support service during a session
Mechanism
Meridial/LiveKit session token fetch, media/data streams, optional cobrowse replay and app-registered tool RPC
Rationale
Static inspection shows a React SDK for a Meridial support widget with user-invoked runtime networking, LiveKit connectivity, documented tool callbacks, and guarded cobrowse recording. Suspicious primitives are aligned with the package purpose and no install-time execution, persistence, exfiltration of local credentials, or AI-agent control-surface mutation was found.
Evidence
package.jsonREADME.mddist/index.jsdist/voicebox.jsdist/chunk-4UT6YTP7.js
Network endpoints2
app.meridial.dev/api/auth/livekit/reactcloud-api.livekit.io/api/v2/sandbox/connection-details

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no install/preinstall/postinstall hooks or bin entrypoints.
    • dist/index.js only re-exports Voicebox/tool/useTool and streams user-supplied reply/tool schema over an active room.
    • dist/chunk-4UT6YTP7.js fetches Meridial token endpoint only when Voicebox chat starts.
    • rrweb recording starts only after a connected participant metadata type is SUPPORT, consistent with documented cobrowse support.
    • Tool RPC executes only application-registered tool definitions after zod validation.
    • No child_process/fs/native loading, persistence, agent config writes, or credential file harvesting found.
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsNetworkWebSocket
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 3 file(s), 1.30 MB of source, external domains: aomediacodec.github.io, app.meridial.dev, base-ui.com, cloud-api.livekit.io, fb.me, meridial.dev, www.w3.org

    Source & flagged code

    1 flagged · loading source
    dist/chunk-4UT6YTP7.jsView file
    13712patternName = generic_password severity = medium line = 13712 matchedText = let sdp2...\n";
    Medium
    Secret Pattern

    Package contains a possible secret pattern.

    dist/chunk-4UT6YTP7.jsView on unpkg · L13712

    Findings

    3 Medium3 Low
    MediumSecret Patterndist/chunk-4UT6YTP7.js
    MediumNetwork
    MediumEnvironment Vars
    LowScripts Present
    LowHigh Entropy Strings
    LowUrl Strings