AI Security Review
scanned 10d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a user-invoked media transcoding worker that uses database, object storage, Temporal, ffmpeg/sharp, and local temp/log files as part of its stated function.
Static reason
No blocking static signals were detected.
Trigger
User runs the shumai-transcode CLI
Impact
Runs migrations and media worker operations against user-configured services; no unconsented exfiltration or lifecycle execution identified
Mechanism
platform binary launcher and bundled transcode worker
Rationale
The risky primitives are activated by the package CLI and align with a media transcoding worker: launching the platform runtime, reading .env config, running Prisma migrations, processing media, and using configured DB/S3/Temporal services. Static inspection found no install-time execution, hardcoded exfiltration, credential theft, destructive payload, dependency-confusion behavior, or AI-agent hijack.
Evidence
package.jsonbin/shumai-transcode.jsbin/shumai-transcode-app.jsprisma.config.tsprisma/schema.prisma
Decision evidence
public snapshotAI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
- bin/shumai-transcode-app.js is a large bundled CLI/worker with fs, child_process, DB, S3, and Temporal capabilities
- bin/shumai-transcode.js loads .env files from process.cwd() and passes process.env to child processes
Evidence against
- package.json has no install/preinstall/postinstall lifecycle scripts
- bin/shumai-transcode.js only runs when the shumai-transcode bin is invoked
- bin/shumai-transcode.js selects a platform optional dependency binary and runs bundled app plus Prisma migrations
- bin/shumai-transcode-app.js behavior is package-aligned: media transcode, screenshots, S3 object operations, Temporal worker tasks, Prisma DB updates
- No hardcoded exfiltration endpoint, credential harvesting loop, persistence outside user-invoked daemon pid/log handling, or AI-agent control-surface writes found
- Prompt/reviewer manipulation search only found ordinary schema role text
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemShell
HighEntropyStringsMinifiedUrlStrings
NoLicense
Oversized source lightweight scan
bin/shumai-transcode-app.js2.89 MB file, sampled 256 KB
FilesystemChildProcessEnvironmentVarsCryptoHighEntropyStringsMinifiedUrlStringsapi.x.aiapi.xiaomimimo.comapi.z.aidotenvx.comgithub.comopen.bigmodel.cntoken-plan-ams.xiaomimimo.comtoken-plan-cn.xiaomimimo.comtoken-plan-sgp.xiaomimimo.com
Source & flagged code
2 flagged · loading sourcebin/shumai-transcode-app.jsView file
•path = bin/shumai-transcode-app.js
kind = oversized_source_file
sizeBytes = 3028311
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
bin/shumai-transcode-app.jsView on unpkg•path = bin/shumai-transcode-app.js
kind = oversized_cli_entrypoint
sizeBytes = 3028311
magicHex = [redacted]
Medium
Oversized Cli Entrypoint
Package contains an oversized executable-looking CLI entrypoint.
bin/shumai-transcode-app.jsView on unpkgFindings
1 High3 Medium4 Low
HighOversized Source Filebin/shumai-transcode-app.js
MediumEnvironment Vars
MediumOversized Cli Entrypointbin/shumai-transcode-app.js
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License