AI Security Review
scanned 5d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package is an embeddable NestJS S3-compatible object store/admin UI that performs expected runtime storage operations under configured DATA_DIR.
Static reason
One or more suspicious static signals were detected.
Trigger
Host application imports OpenBucketModule or serves the bundled admin SPA at runtime.
Impact
Stores, reads, deletes, backs up, and restores user objects as part of documented object-store functionality.
Mechanism
package-aligned NestJS storage/admin routes with local filesystem persistence
Rationale
Static inspection shows a normal NestJS library with no lifecycle execution, no external exfiltration endpoint, and no unconsented control-surface mutation. The scanner signals map to expected env-driven configuration, object-store filesystem writes, and bundled Angular/admin client code.
Evidence
package.jsonsrc/index.jssrc/lib/open-bucket.module.jssrc/lib/open-bucket-core.module.jssrc/lib/common/config/env.schema.jssrc/lib/storage/blob-store.jssrc/lib/storage/sse-key.service.jssrc/lib/admin/backup/backup.service.jsassets/spa/main.jsassets/spa/chunk-JYRQ67KH.jsassets/spa/chunk-LJEO33GY.jsDATA_DIR/blobsDATA_DIR/tmpDATA_DIR/multipartDATA_DIR/trashDATA_DIR/sse.key
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- Runtime writes object data, SQLite/SSE state, multipart temp, trash, and backup spool under configured DATA_DIR.
- assets/spa contains bundled Angular admin UI with relative /api/admin calls and library Function() usage from Formly expression support.
Evidence against
- package.json has no npm lifecycle scripts or bin entries; main only exports NestJS modules/services.
- src/index.js is a CommonJS barrel requiring local package modules, with no install/import-time side effects beyond module loading.
- Network/API usage is package-aligned: S3/admin NestJS routes and relative SPA /api/admin requests; no exfiltration host found.
- Environment reads are required configuration for credentials, JWT, endpoint, DATA_DIR, and test mode.
- No child_process, shell execution, foreign AI-agent control-surface writes, persistence hooks, or remote code loading found.
- Filesystem mutations are runtime storage behavior under operator-supplied dataDir, not install-time project/home mutation.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourceassets/spa/main.jsView file
17595patternName = generic_password
severity = medium
line = 17595
matchedText = password...rd",
Medium
17824patternName = generic_password
severity = medium
line = 17824
matchedText = password...rt",
Medium
Findings
4 Medium3 Low
MediumSecret Patternassets/spa/main.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patternassets/spa/main.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings