registry  /  @panguard-ai/panguard-trap  /  1.8.10

@panguard-ai/panguard-trap@1.8.10

Smart honeypot for attacker profiling / 智慧蜜罐,誘捕並分析攻擊者

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No unconsented install-time or import-time attack behavior is established. The package is an explicitly started honeypot that can collect attacker-session data and optionally upload sanitized intelligence only when an endpoint is configured.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `panguard-trap start`/`deploy` or constructs `TrapEngine` with enabled services and a threat-cloud endpoint.
Impact
Intended honeypot operation; no confirmed package-host compromise, persistence, or stealth exfiltration.
Mechanism
Starts local decoy network services and optionally POSTs sanitized trap intelligence.
Rationale
Scanner hits are package-aligned: the dynamic import loads the declared SSH implementation, while network and credential patterns implement an explicitly invoked honeypot. No lifecycle hook, autonomous execution, foreign control-surface mutation, or concrete malicious chain was found.
Evidence
package.jsondist/index.jsdist/cli/index.jsdist/trap-engine.jsdist/threat-cloud-uploader.jsdist/services/ssh-trap.jsdist/types.jsdist/pid-file.jsdist/services/generic-trap.jsdist/services/base-service.js

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • `package.json` has no preinstall/install/postinstall hooks.
    • `dist/index.js` only exports APIs; importing does not start services.
    • `dist/cli/index.js` starts listeners only for explicit `start`/`deploy` commands.
    • `dist/services/ssh-trap.js` dynamically imports the literal optional `ssh2` package, then falls back to `node:net`.
    • `dist/threat-cloud-uploader.js` uploads only when a caller supplies `threatCloudEndpoint`; payload anonymizes IPs and hashes usernames.
    • No child-process execution, eval/vm, native loading, agent-control writes, or host credential harvesting found.
    Behavioral surface
    Source
    CryptoDynamicRequireFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 18 file(s), 161 KB of source, external domains: help.ubuntu.com, landscape.canonical.com, panguard.ai

    Source & flagged code

    3 flagged · loading source
    dist/services/generic-trap.jsView file
    76patternName = generic_password severity = medium line = 76 matchedText = pwd: '...
    Medium
    Secret Pattern

    Package contains a possible secret pattern.

    dist/services/generic-trap.jsView on unpkg · L76
    dist/services/ssh-trap.jsView file
    101logger.info('SSH honeypot using TCP fallback (ssh2 not available)'); L102: const net = await import('node:net'); L103: this.server = net.createServer((socket) => {
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/services/ssh-trap.jsView on unpkg · L101
    72patternName = generic_password severity = medium line = 72 matchedText = pwd: '...
    Medium
    Secret Pattern

    Hardcoded password in dist/services/ssh-trap.js

    dist/services/ssh-trap.jsView on unpkg · L72

    Findings

    4 Medium4 Low
    MediumSecret Patterndist/services/generic-trap.js
    MediumDynamic Requiredist/services/ssh-trap.js
    MediumNetwork
    MediumSecret Patterndist/services/ssh-trap.js
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings