registry  /  @meridial/react  /  0.4.3

@meridial/react@0.4.3

A React library for embedding the Meridial in-app voice assistant.

AI Security Review

scanned 2d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The risky primitives are runtime cobrowse, LiveKit networking, and user-defined tool execution for a documented support voice assistant SDK.

Static reason
One or more suspicious static signals were detected.
Trigger
User embeds Voicebox and starts a chat/call session in the browser.
Impact
Runtime page replay and app-defined actions may be sent to the configured Meridial/LiveKit session, but no hidden install/import-time compromise was found.
Mechanism
documented voice assistant, cobrowse recording, remote scroll, and schema-validated app tool RPC
Rationale
Static inspection shows a React SDK whose network, rrweb, LiveKit, and tool RPC behavior matches the documented voice assistant/cobrowse product surface. There are sensitive dual-use browser capabilities, but they are user-invoked and package-aligned with no hidden lifecycle execution, exfiltration, persistence, or destructive behavior.
Evidence
package.jsonREADME.mddist/index.jsdist/voicebox.jsdist/chunk-KLCKOOAO.js
Network endpoints3
app.meridial.dev/api/auth/livekit/reactmeridial.devcloud-api.livekit.io

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • dist/chunk-KLCKOOAO.js starts rrweb recording and streams replay events after a SUPPORT participant joins.
  • dist/chunk-KLCKOOAO.js accepts LiveKit data topics for remote scroll/cursor/annotation and RPC tool calls.
  • dist/chunk-KLCKOOAO.js posts session data and publishableKey to /api/auth/livekit/react on app.meridial.dev by default.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle scripts or bin entries.
  • dist/index.js and dist/voicebox.js only re-export React SDK entrypoints.
  • README.md documents voice assistant, cobrowse escalation, publishableKey/baseUrl, and user-defined agent tools.
  • Tool RPC only executes application-provided tools after zod schema validation; no built-in shell/fs execution found.
  • No credential/env harvesting, destructive file operations, persistence, or AI-agent control-surface writes found.
Behavioral surface
Source
ChildProcessEnvironmentVarsNetworkWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 1.29 MB of source, external domains: aomediacodec.github.io, app.meridial.dev, base-ui.com, cloud-api.livekit.io, fb.me, meridial.dev, www.w3.org

Source & flagged code

1 flagged · loading source
dist/chunk-KLCKOOAO.jsView file
13565patternName = generic_password severity = medium line = 13565 matchedText = let sdp2...\n";
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/chunk-KLCKOOAO.jsView on unpkg · L13565

Findings

3 Medium3 Low
MediumSecret Patterndist/chunk-KLCKOOAO.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings