AI Security Review
scanned 8d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. Runtime network activity is expected for an ActivityPub federation endpoint and is user/admin-triggered or federation-triggered.
Static reason
One or more suspicious static signals were detected.
Trigger
Indiekit plugin initialization, authenticated admin actions, ActivityPub inbox/outbox handling, or configured background federation tasks.
Impact
Expected social federation behavior; no evidence of credential harvesting, arbitrary code execution, persistence outside app data, or destructive behavior.
Mechanism
ActivityPub federation, remote object lookup, Micropub posting/media upload, and Mastodon-compatible API routing.
Rationale
Static inspection shows a legitimate Indiekit ActivityPub endpoint whose suspicious primitives are aligned with federation, OAuth, key signing, and admin-controlled posting. No install-time execution, hidden payload, credential exfiltration, arbitrary command execution, or AI-agent control-surface mutation was found.
Evidence
package.jsonindex.jslib/federation-setup.jslib/endpoint-federation.jslib/direct-follow.jslib/lookup-helpers.jslib/og-unfurl.jslib/routes/admin-routes.jslib/routes/public-routes.jslib/controllers/federation-mgmt.jslib/controllers/explore.jslib/controllers/compose.js
Network endpoints3
api.fedidb.org/v1tags.pubwww.w3.org/ns/activitystreams
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- Network-capable ActivityPub/Mastodon plugin with outbound fetch/send paths in lib/direct-follow.js, lib/fedidb.js, lib/controllers/explore.js, and lib/controllers/compose.js.
- Stores user-owned ActivityPub keys and OAuth tokens in configured Indiekit/Mongo collections, e.g. ap_keys and ap_oauth_tokens in index.js.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks and exports only index.js.
- index.js initializes Indiekit routes, collections, Fedify federation, and deferred background workers; no import-time payload or filesystem mutation found.
- lib/federation-setup.js privateKeyJwk/privateKeyPem handling generates or loads local ActivityPub signing keys, not embedded secrets or exfiltration.
- No child_process, shell execution, eval/Function, native addon, wasm, or executable payload files found by source search.
- Network endpoints are package-aligned: ActivityPub inbox/outbox delivery, Fedify lookups, Micropub media/posting, and FediDB discovery.
- Admin mutating routes use CSRF checks or token middleware in inspected controllers/routes.
Behavioral surface
ChildProcessCryptoNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcelib/federation-setup.jsView file
935patternName = private_key_rsa
severity = critical
line = 935
matchedText = .replace... "")
Critical
Critical Secret
Package contains a critical-looking secret pattern.
lib/federation-setup.jsView on unpkg · L935935patternName = private_key_rsa
severity = critical
line = 935
matchedText = .replace... "")
Critical
Findings
2 Critical1 Medium3 Low
CriticalCritical Secretlib/federation-setup.js
CriticalSecret Patternlib/federation-setup.js
MediumNetwork
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings