AI Security Review
scanned 2h ago · by lpm-firewall-aiRuntime Graph and Salesforce helpers can attach access tokens to arbitrary HTTPS destinations when callers supply absolute URLs. No install-time, import-time, persistence, or local-file attack behavior was found.
Static reason
One or more suspicious static signals were detected.
Trigger
A consumer calls `graphFetch` or `restFetch` with an attacker-controlled absolute HTTPS URL.
Impact
An application that passes untrusted request paths could disclose its Microsoft or Salesforce access token to an external host.
Mechanism
Bearer-token forwarding to caller-supplied absolute HTTPS URLs.
Rationale
Source inspection found no malicious lifecycle behavior, credential harvesting, persistence, or hidden network destination. However, unrestricted absolute-URL support combined with automatic bearer-token headers creates a concrete credential-disclosure risk in unsafe integrations.
Evidence
package.jsondist/providers/microsoft/graph.jsdist/providers/salesforce/client.jsdist/providers/microsoft/provider.jsdist/providers/salesforce/provider.jsdist/auth.jsdist/providers/microsoft/validate.jsdist/providers/microsoft/index.jsdist/providers/salesforce/index.jsdist/providers/salesforce/provider.d.ts
Network endpoints3
login.microsoftonline.comgraph.microsoft.com/v1.0login.salesforce.com
Decision evidence
public snapshotAI called this Suspicious at 88.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
- `dist/providers/microsoft/graph.js` sends its bearer token to any caller-supplied absolute `https://` URL.
- `dist/providers/salesforce/client.js` likewise accepts arbitrary absolute HTTPS URLs and attaches its Salesforce bearer token.
Evidence against
- `package.json` has only `prepublishOnly`; no install-time hook is present.
- `dist/auth.js` only maintains in-memory provider/token caches.
- Provider credentials are explicit options; no environment, filesystem, shell, eval, or dynamic loading is used.
- Fixed token exchanges target Microsoft and Salesforce authentication endpoints.
- `dist/providers/salesforce/provider.d.ts` describes a caller-provided private-key field, not an embedded secret.
Behavioral surface
ChildProcessNetwork
UrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/providers/salesforce/provider.d.tsView file
14patternName = private_key_rsa
severity = critical
line = 14
matchedText = * RSA pr...---`
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/providers/salesforce/provider.d.tsView on unpkg · L1414patternName = private_key_rsa
severity = critical
line = 14
matchedText = * RSA pr...---`
Critical
Secret Pattern
RSA private key in dist/providers/salesforce/provider.d.ts
dist/providers/salesforce/provider.d.tsView on unpkg · L14README.mdView file
130patternName = private_key_rsa
severity = critical
line = 130
matchedText = The priv...ck).
Critical
Findings
3 Critical1 Medium4 Low
CriticalCritical Secretdist/providers/salesforce/provider.d.ts
CriticalSecret Patterndist/providers/salesforce/provider.d.ts
CriticalSecret PatternREADME.md
MediumNetwork
LowNon Install Lifecycle Scripts
LowScripts Present
LowUrl Strings
LowNo License