AI Security Review
scanned 1d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. Network and filesystem activity is aligned with a Fastify CRUD/auth/upload/database package and is runtime or explicitly user-invoked.
Static reason
One or more suspicious static signals were detected.
Trigger
importing/registering the Fastify plugin or running documented scripts
Impact
Application runtime behavior depends on operator config; no install-time mutation, exfiltration, persistence, or agent control-surface writes identified
Mechanism
Fastify server plugin with configured proxy, DB migrations, uploads, S3/MinIO support, and template helpers
Rationale
Static source inspection shows a server-side Fastify table/admin plugin with configurable proxy/upload/database features, but no lifecycle execution on install, hardcoded exfiltration endpoint, credential harvesting, destructive persistence, or AI-agent control-surface mutation. Scanner hits are explained by expected app functionality and benign string literals.
Evidence
package.jsondist/index.jsdist/config.jsdist/functions.jsdist/script/dump.jsdist/script/migrate.jsdist/server/plugins/policy/xssInjection.jsdist/server/plugins/upload/uploadChunk.jsdist/server/plugins/upload/s3minio.jsconfig.json/data/local/config.json.env.env.${NODE_ENV}.env.${NODE_ENV}.local.env.locallog/dump/*.sqldist/log/migration/*-cls.sqldist/log/migration/*-cls.json
Network endpoints2
config.proxy[].targetconfig.s3.endpoint
Decision evidence
public snapshotAI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has no install/postinstall hook; only prepublishOnly build script
- main dist/index.js exports a Fastify plugin and registers app routes/plugins at runtime
- dist/index.js proxy/fetch behavior is config.proxy-driven, not hardcoded exfiltration
- dist/config.js loads local config/.env into app config; no outbound endpoint or credential harvesting found
- dist/server/plugins/policy/xssInjection.js contains literal XSS denylist strings, not eval execution
- dist/script/dump.js and dist/script/migrate.js are user-invoked DB maintenance scripts writing log/dump or running migrations
Behavioral surface
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/server/plugins/auth/funcs/verifyPassword.jsView file
27patternName = generic_password
severity = medium
line = 27
matchedText = await pg...d]);
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/server/plugins/auth/funcs/verifyPassword.jsView on unpkg · L27dist/server/plugins/policy/xssInjection.jsView file
23'\\x',
L24: 'eval(',
L25: 'onmouseover=',
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/server/plugins/policy/xssInjection.jsView on unpkg · L23dist/functions.jsView file
183return;
L184: const { uid } = config?.auth?.disable || process.env.NODE_ENV !== "admin"
L185: ? { uid: "1" }
...
L233: format: row.format,
L234: data: row.data,
L235: }));
...
L401: ...acc1,
L402: ...JSON.parse(readFileSync(`locales/${curr.name}/${file.name}`, "utf-8").replace(/[\u200B-\u200D\uFEFF]/g, "")),
L403: }), {});
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/functions.jsView on unpkg · L183Findings
3 Medium7 Low
MediumSecret Patterndist/server/plugins/auth/funcs/verifyPassword.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/server/plugins/policy/xssInjection.js
LowWeak Cryptodist/functions.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings