AI Security Review
scanned 5h ago · by lpm-firewall-aiUser-invoked honeypot listeners accept attacker traffic and retain credential/command attempts in memory. Optional cloud telemetry posts anonymized IPs, hashed usernames, and attack metadata only after caller configuration. No install-time execution, hidden payload loading, foreign control-surface mutation, or host credential harvesting was found.
Static reason
One or more suspicious static signals were detected.
Trigger
Import and call `TrapEngine.start()` or run `panguard-trap start`; cloud upload additionally requires `feedThreatCloud` and `threatCloudEndpoint`.
Impact
Intentionally collects attacker-supplied authentication attempts and command inputs; optionally shares minimized derived telemetry.
Mechanism
Protocol honeypot listeners with optional HTTPS threat-intelligence telemetry.
Rationale
This package implements its advertised honeypot function: it listens on configured ports, profiles inbound attacker activity, and has opt-in configured cloud telemetry. Static hints reflect this declared behavior; direct source inspection found no concrete malicious chain.
Evidence
package.jsondist/cli/index.jsdist/trap-engine.jsdist/threat-cloud-uploader.jsdist/pid-file.jsdist/services/ssh-trap.jsdist/services/generic-trap.jsdist/services/http-trap.jsdist/services/mysql-trap.jsdist/services/redis-trap.jsdist/services/smb-trap.jsdist/services/rdp-trap.js
Network endpoints1
<caller-configured HTTPS threatCloudEndpoint>/api/trap-intel
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- `dist/services/*-trap.js` deliberately captures credentials and commands from inbound honeypot clients.
- `dist/threat-cloud-uploader.js` can POST derived trap intelligence to a configured HTTPS endpoint.
Evidence against
- `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
- `dist/cli/index.js` only starts services when directly invoked as the `panguard-trap` CLI.
- `dist/trap-engine.js` creates the uploader only when a caller enables cloud feeding and supplies `threatCloudEndpoint`.
- `dist/threat-cloud-uploader.js` anonymizes source IPs, hashes usernames, rejects non-HTTPS/private endpoints, and disallows redirects.
- `dist/services/ssh-trap.js` dynamic import loads the declared `ssh2` dependency; recorded `exec` commands receive fake responses rather than OS execution.
- `dist/pid-file.js` only manages a PID file under the selected data directory.
Behavioral surface
CryptoDynamicRequireFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/services/generic-trap.jsView file
76patternName = generic_password
severity = medium
line = 76
matchedText = pwd: '...
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/services/generic-trap.jsView on unpkg · L76dist/services/ssh-trap.jsView file
101logger.info('SSH honeypot using TCP fallback (ssh2 not available)');
L102: const net = await import('node:net');
L103: this.server = net.createServer((socket) => {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/services/ssh-trap.jsView on unpkg · L10172patternName = generic_password
severity = medium
line = 72
matchedText = pwd: '...
Medium
Secret Pattern
Hardcoded password in dist/services/ssh-trap.js
dist/services/ssh-trap.jsView on unpkg · L72Findings
4 Medium4 Low
MediumSecret Patterndist/services/generic-trap.js
MediumDynamic Requiredist/services/ssh-trap.js
MediumNetwork
MediumSecret Patterndist/services/ssh-trap.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings