registry  /  @panguard-ai/panguard-trap  /  1.8.9

@panguard-ai/panguard-trap@1.8.9

Smart honeypot for attacker profiling / 智慧蜜罐,誘捕並分析攻擊者

AI Security Review

scanned 5h ago · by lpm-firewall-ai

User-invoked honeypot listeners accept attacker traffic and retain credential/command attempts in memory. Optional cloud telemetry posts anonymized IPs, hashed usernames, and attack metadata only after caller configuration. No install-time execution, hidden payload loading, foreign control-surface mutation, or host credential harvesting was found.

Static reason
One or more suspicious static signals were detected.
Trigger
Import and call `TrapEngine.start()` or run `panguard-trap start`; cloud upload additionally requires `feedThreatCloud` and `threatCloudEndpoint`.
Impact
Intentionally collects attacker-supplied authentication attempts and command inputs; optionally shares minimized derived telemetry.
Mechanism
Protocol honeypot listeners with optional HTTPS threat-intelligence telemetry.
Rationale
This package implements its advertised honeypot function: it listens on configured ports, profiles inbound attacker activity, and has opt-in configured cloud telemetry. Static hints reflect this declared behavior; direct source inspection found no concrete malicious chain.
Evidence
package.jsondist/cli/index.jsdist/trap-engine.jsdist/threat-cloud-uploader.jsdist/pid-file.jsdist/services/ssh-trap.jsdist/services/generic-trap.jsdist/services/http-trap.jsdist/services/mysql-trap.jsdist/services/redis-trap.jsdist/services/smb-trap.jsdist/services/rdp-trap.js
Network endpoints1
<caller-configured HTTPS threatCloudEndpoint>/api/trap-intel

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `dist/services/*-trap.js` deliberately captures credentials and commands from inbound honeypot clients.
  • `dist/threat-cloud-uploader.js` can POST derived trap intelligence to a configured HTTPS endpoint.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
  • `dist/cli/index.js` only starts services when directly invoked as the `panguard-trap` CLI.
  • `dist/trap-engine.js` creates the uploader only when a caller enables cloud feeding and supplies `threatCloudEndpoint`.
  • `dist/threat-cloud-uploader.js` anonymizes source IPs, hashes usernames, rejects non-HTTPS/private endpoints, and disallows redirects.
  • `dist/services/ssh-trap.js` dynamic import loads the declared `ssh2` dependency; recorded `exec` commands receive fake responses rather than OS execution.
  • `dist/pid-file.js` only manages a PID file under the selected data directory.
Behavioral surface
Source
CryptoDynamicRequireFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 18 file(s), 161 KB of source, external domains: help.ubuntu.com, landscape.canonical.com, panguard.ai

Source & flagged code

3 flagged · loading source
dist/services/generic-trap.jsView file
76patternName = generic_password severity = medium line = 76 matchedText = pwd: '...
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/services/generic-trap.jsView on unpkg · L76
dist/services/ssh-trap.jsView file
101logger.info('SSH honeypot using TCP fallback (ssh2 not available)'); L102: const net = await import('node:net'); L103: this.server = net.createServer((socket) => {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/services/ssh-trap.jsView on unpkg · L101
72patternName = generic_password severity = medium line = 72 matchedText = pwd: '...
Medium
Secret Pattern

Hardcoded password in dist/services/ssh-trap.js

dist/services/ssh-trap.jsView on unpkg · L72

Findings

4 Medium4 Low
MediumSecret Patterndist/services/generic-trap.js
MediumDynamic Requiredist/services/ssh-trap.js
MediumNetwork
MediumSecret Patterndist/services/ssh-trap.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings