registry  /  @openrouter/sdk  /  0.13.31

@openrouter/sdk@0.13.31

The OpenRouter TypeScript SDK is a type-safe toolkit for building AI applications with access to 400+ language models through a unified API.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface. The only install-time behavior is a best-effort stale-types check that exits silently and, in this packaged artifact, returns before making a network request because the referenced src file is absent.

Static reason
One or more suspicious static signals were detected.
Trigger
npm install postinstall or user-invoked SDK API calls
Impact
Normal SDK requests may send user-provided API credentials to OpenRouter; no exfiltration or unconsented mutation found.
Mechanism
package-aligned OpenRouter SDK HTTP client and inert stale-types checker
Rationale
Static inspection shows a generated OpenRouter SDK with package-aligned network behavior and a postinstall type-staleness check that does not write files or harvest secrets. Suspicious scanner hits are explained by expected SDK networking, environment-based API-key configuration, and the benign lifecycle script.
Evidence
package.jsonscripts/check-types.jsesm/index.jsesm/lib/config.jsesm/lib/http.jsesm/lib/security.jsesm/lib/env.jsesm/sdk/sdk.jsesm/funcs/modelsList.jsesm/types/models.jssrc/types/models.ts
Network endpoints2
openrouter.ai/api/v1openrouter.ai/api/v1/models

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
  • package.json defines postinstall: node scripts/check-types.js || true
  • scripts/check-types.js can fetch https://openrouter.ai/api/v1/models if src/types/models.ts exists and env skips are unset
Evidence against
  • scripts/check-types.js only reads a local model-types file, hashes model IDs, and writes a warning to stderr; no file writes or credential access
  • In this package, src/types/models.ts is absent, so postinstall returns before network fetch
  • esm/index.js only re-exports SDK modules
  • esm/lib/config.js sets the SDK base URL to https://openrouter.ai/api/v1
  • esm/lib/security.js reads OPENROUTER_API_KEY only for Authorization on user-invoked API calls
  • No child_process, eval/vm, native binaries, persistence, destructive behavior, or AI-agent config writes found
Behavioral surface
Source
CryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 824 file(s), 1.72 MB of source, external domains: api.braintrust.dev, api.ramp.com, api.smith.langchain.com, api.us5.datadoghq.com, openrouter.ai, otlp-gateway-prod-us-west-0.grafana.net, otlp.arize.com, trace.wandb.ai, us.cloud.langfuse.com, us.i.posthog.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/check-types.js || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = node scripts/check-types.js || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium6 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings