AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface was established. The package exposes ActivityPub federation and Mastodon-compatible routes that intentionally perform remote lookups and signed deliveries.
Static reason
One or more suspicious static signals were detected.
Trigger
Runtime use after an Indiekit site installs and initializes the endpoint, or authenticated admin/API user actions.
Impact
Expected federation data exchange and local Mongo/Redis collection updates; no evidence of covert exfiltration or unauthorized code execution.
Mechanism
Legitimate ActivityPub federation, OAuth, remote lookup, and delivery logic.
Rationale
Static inspection shows a feature-rich ActivityPub endpoint with expected network and key-management primitives, but no install-time execution, hidden payload, credential harvesting, or unconsented control-surface mutation. The scanner secret finding is explained by runtime federation key storage and signing code rather than a hardcoded secret.
Evidence
package.jsonindex.jslib/federation-setup.jslib/endpoint-federation.jslib/direct-follow.jslib/fedidb.jslib/og-unfurl.jslib/mastodon/routes/oauth.js
Network endpoints4
api.fedidb.org/v1tags.pubgetindiekit.comgithub.com/getindiekit/indiekit
Decision evidence
public snapshotAI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
- Network-capable ActivityPub/Mastodon plugin sends federation requests to remote actors/inboxes.
- lib/federation-setup.js stores generated Ed25519 private keys in ap_keys for federation signing.
- lib/fedidb.js calls https://api.fedidb.org/v1 for instance/account discovery.
- lib/direct-follow.js hardcodes tags.pub compatibility path for signed Follow/Undo delivery.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks and main is index.js.
- Secret-like privateKeyPem/privateKeyJwk references are loaded/generated runtime federation keys, not embedded credentials.
- Network calls are package-aligned: WebFinger, ActivityPub delivery, Mastodon timelines, FediDB discovery, OpenGraph unfurling.
- No child_process, shell execution, eval/vm/Function, native binary loading, persistence, destructive filesystem actions, or AI-agent control writes found.
- OAuth tokens/client secrets are generated and stored for the local Mastodon-compatible API, not harvested from environment or exfiltrated.
Behavioral surface
ChildProcessCryptoNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcelib/federation-setup.jsView file
935patternName = private_key_rsa
severity = critical
line = 935
matchedText = .replace... "")
Critical
Critical Secret
Package contains a critical-looking secret pattern.
lib/federation-setup.jsView on unpkg · L935935patternName = private_key_rsa
severity = critical
line = 935
matchedText = .replace... "")
Critical
Findings
2 Critical1 Medium3 Low
CriticalCritical Secretlib/federation-setup.js
CriticalSecret Patternlib/federation-setup.js
MediumNetwork
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings