AI Security Review
scanned 1d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found by static inspection. Suspicious primitives are runtime backend features aligned with a Fastify CRUD/auth/file-management package.
Static reason
One or more suspicious static signals were detected.
Trigger
User imports/registers the Fastify plugin or runs documented scripts/routes.
Impact
No evidence of install-time execution, credential harvesting, persistence, unconsented agent mutation, or hardcoded exfiltration.
Mechanism
Runtime web server, database, proxy, upload, and metrics functionality.
Rationale
The package contains broad backend capabilities, but inspected source shows them as runtime, user-configured Fastify application features rather than malware. No lifecycle install hook, foreign AI-agent control-surface mutation, secret exfiltration, remote payload loading, or destructive persistence was found.
Evidence
package.jsonREADME.mddist/index.jsdist/config.jsdist/functions.jsdist/server/plugins/metric/loggerSystem.jsdist/server/plugins/policy/xssInjection.jsdist/server/plugins/auth/funcs/verifyPassword.jsdist/server/plugins/file/uploadMultiPart.jsdist/server/plugins/upload/startUpload.jsdist/server/plugins/upload/uploadChunk.jsdist/server/routes/auth/controllers/euSign/authByData.js
Network endpoints2
id.softpro.uansdi.gov.ua
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- Runtime proxying in dist/index.js forwards requests to configured config.proxy targets.
- Runtime system metrics endpoint in dist/server/plugins/metric/loggerSystem.js runs fixed command top -b -n 1 on non-Windows.
- Runtime file/upload helpers write user uploads under configured storage paths.
Evidence against
- package.json has no install/postinstall/prepare hook; prepublishOnly only runs build before publishing.
- dist/index.js is a Fastify plugin registering CRUD/auth/upload/proxy routes; network targets are config-driven runtime behavior.
- dist/config.js reads local config/env into application config but does not exfiltrate secrets.
- dist/server/plugins/policy/xssInjection.js only contains XSS signature strings; no eval execution.
- No AI-agent control-surface files or lifecycle writes found.
- README.md describes a backend toolkit for Fastify, CRUD, auth, PostgreSQL, Redis, and migrations.
Behavioral surface
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/server/plugins/auth/funcs/verifyPassword.jsView file
27patternName = generic_password
severity = medium
line = 27
matchedText = await pg...d]);
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/server/plugins/auth/funcs/verifyPassword.jsView on unpkg · L27dist/server/plugins/policy/xssInjection.jsView file
23'\\x',
L24: 'eval(',
L25: 'onmouseover=',
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/server/plugins/policy/xssInjection.jsView on unpkg · L23dist/functions.jsView file
183return;
L184: const { uid } = config?.auth?.disable || process.env.NODE_ENV !== "admin"
L185: ? { uid: "1" }
...
L233: format: row.format,
L234: data: row.data,
L235: }));
...
L401: ...acc1,
L402: ...JSON.parse(readFileSync(`locales/${curr.name}/${file.name}`, "utf-8").replace(/[\u200B-\u200D\uFEFF]/g, "")),
L403: }), {});
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/functions.jsView on unpkg · L183Findings
3 Medium7 Low
MediumSecret Patterndist/server/plugins/auth/funcs/verifyPassword.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/server/plugins/policy/xssInjection.js
LowWeak Cryptodist/functions.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings