registry  /  @panguard-ai/panguard-trap  /  1.8.8

@panguard-ai/panguard-trap@1.8.8

Smart honeypot for attacker profiling / 智慧蜜罐,誘捕並分析攻擊者

AI Security Review

scanned 6h ago · by lpm-firewall-ai

Explicit user-started honeypot listeners capture inbound attacker interactions. Optional telemetry POSTs occur only after a caller supplies `threatCloudEndpoint`; no hard-coded upload host is present. No confirmed malicious or install-time attack surface exists.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs `panguard-trap start` or calls `TrapEngine.start()` with enabled services.
Impact
Designed collection of attacker-supplied credentials and commands; source shows no stealthy execution, credential harvesting from the host, or foreign control-surface mutation.
Mechanism
Honeypot network listeners with optional anonymized threat-intelligence upload.
Rationale
Static source inspection supports a package-aligned honeypot implementation, not malicious package behavior. Scanner findings map to explicit listener functionality and dependency-scoped dynamic import, while optional telemetry has privacy and SSRF controls.
Evidence
package.jsondist/cli/index.jsdist/trap-engine.jsdist/threat-cloud-uploader.jsdist/pid-file.jsdist/services/ssh-trap.jsdist/types.jsdist/services/base-service.js

Decision evidence

public snapshot
AI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
    Evidence against
    • package.json has no preinstall/install/postinstall lifecycle hook.
    • dist/cli/index.js starts listeners only on explicit `start`; stop targets its own data-dir PID file.
    • dist/services/ssh-trap.js dynamically imports only declared dependency `ssh2` and Node built-ins.
    • dist/threat-cloud-uploader.js requires a supplied HTTPS endpoint, rejects private/reserved hosts and redirects.
    • dist/threat-cloud-uploader.js uploads anonymized IPs and hashed usernames, not captured passwords.
    • No child-process, eval/vm, native loading, or broad filesystem harvesting found in packaged JS.
    Behavioral surface
    Source
    CryptoDynamicRequireFilesystemNetwork
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 18 file(s), 161 KB of source, external domains: help.ubuntu.com, landscape.canonical.com, panguard.ai

    Source & flagged code

    3 flagged · loading source
    dist/services/generic-trap.jsView file
    76patternName = generic_password severity = medium line = 76 matchedText = pwd: '...
    Medium
    Secret Pattern

    Package contains a possible secret pattern.

    dist/services/generic-trap.jsView on unpkg · L76
    dist/services/ssh-trap.jsView file
    101logger.info('SSH honeypot using TCP fallback (ssh2 not available)'); L102: const net = await import('node:net'); L103: this.server = net.createServer((socket) => {
    Medium
    Dynamic Require

    Package source references dynamic require/import behavior.

    dist/services/ssh-trap.jsView on unpkg · L101
    72patternName = generic_password severity = medium line = 72 matchedText = pwd: '...
    Medium
    Secret Pattern

    Hardcoded password in dist/services/ssh-trap.js

    dist/services/ssh-trap.jsView on unpkg · L72

    Findings

    4 Medium4 Low
    MediumSecret Patterndist/services/generic-trap.js
    MediumDynamic Requiredist/services/ssh-trap.js
    MediumNetwork
    MediumSecret Patterndist/services/ssh-trap.js
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings