AI Security Review
scanned 2h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The only install-time behavior is a best-effort stale-types check that exits silently and, in this packaged artifact, returns before making a network request because the referenced src file is absent.
Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall or user-invoked SDK API calls
Impact
Normal SDK requests may send user-provided API credentials to OpenRouter; no exfiltration or unconsented mutation found.
Mechanism
package-aligned OpenRouter SDK HTTP client and inert stale-types checker
Rationale
Static inspection shows a generated OpenRouter SDK with package-aligned network behavior and a postinstall type-staleness check that does not write files or harvest secrets. Suspicious scanner hits are explained by expected SDK networking, environment-based API-key configuration, and the benign lifecycle script.
Evidence
package.jsonscripts/check-types.jsesm/index.jsesm/lib/config.jsesm/lib/http.jsesm/lib/security.jsesm/lib/env.jsesm/sdk/sdk.jsesm/funcs/modelsList.jsesm/types/models.jssrc/types/models.ts
Network endpoints2
openrouter.ai/api/v1openrouter.ai/api/v1/models
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- package.json defines postinstall: node scripts/check-types.js || true
- scripts/check-types.js can fetch https://openrouter.ai/api/v1/models if src/types/models.ts exists and env skips are unset
Evidence against
- scripts/check-types.js only reads a local model-types file, hashes model IDs, and writes a warning to stderr; no file writes or credential access
- In this package, src/types/models.ts is absent, so postinstall returns before network fetch
- esm/index.js only re-exports SDK modules
- esm/lib/config.js sets the SDK base URL to https://openrouter.ai/api/v1
- esm/lib/security.js reads OPENROUTER_API_KEY only for Authorization on user-invoked API calls
- No child_process, eval/vm, native binaries, persistence, destructive behavior, or AI-agent config writes found
Behavioral surface
CryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsTelemetryUrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node scripts/check-types.js || true
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = node scripts/check-types.js || true
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium6 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings