AI Security Review
scanned 3d ago · by lpm-firewall-ai
No confirmed malicious attack surface. The package is a bundled browser toolbar/plugin that loads Velt SDK assets and talks to Superflow/Firebase APIs when embedded or imported in a web page.
Static reason
One or more suspicious static signals were detected.
Trigger
Browser import or embedding the snippyly/superflow toolbar script with an apiKey.
Impact
Expected collaboration toolbar behavior; no install-time or Node-side compromise identified.
Mechanism
User-facing web toolbar with remote SDK/API calls.
Rationale
Static inspection shows a browser-only Superflow/Snippyly toolbar bundle with package-aligned network/storage behavior and no lifecycle execution or concrete credential/file exfiltration. Suspicious scanner signals are explained by bundled Firebase/Velt/Superflow code and public asset/API identifiers.
Evidence
package.json, snippyly.js, snippyly.min.js
Network endpoints (7)
- cdn.jsdelivr.net/npm/@veltdev/sdk@
- us-central1-snipply-sdk-staging.cloudfunctions.net/getprivatenpmpackagefile
- api.velt.dev/sa
- api.velt.dev/v2/sf/tb
- us-central1-snippyly-sdk-prod.cloudfunctions.net/getqrcode
- app.usesuperflow.com/
- firebasestorage.googleapis.com/v0/b/snippyly-sdk-external/
Decision evidence
public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- snippyly.js injects a browser script from cdn.jsdelivr.net or staging cloudfunctions based on options.
- snippyly.js contains bundled Firebase/Superflow/Velt network calls and a public Firebase apiKey.
- snippyly.js reads/writes browser localStorage/sessionStorage and cookies for toolbar state/user auth.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks and main is snippyly.js.
- No child_process, fs writes, shell execution, eval/new Function, native binary loading, or Node credential harvesting found.
- Browser network endpoints are aligned with Superflow/Snippyly/Velt toolbar functionality.
- snippyly.min.js mirrors the bundled browser toolbar code; scanner secret hit is a Firebase/public asset token pattern, not a private credential.
Behavioral surface
Child Process, Environment Vars, Network, High Entropy Strings, Minified, Url Strings
Source & flagged code
3 flagged
snippyly.min.js
- line 1545: patternName = google_api_key, severity = high, matchedText = calc(${t...d=a` (High)
- line 1545: patternName = google_api_key, severity = high, matchedText = calc(${t...d=a` (High)
snippyly.js
- line 1545: patternName = google_api_key, severity = high, matchedText = calc(${t...d=r` (High)
Findings
3 High, 2 Medium, 3 Low
- High: High Secret (snippyly.min.js)
- High: Secret Pattern (snippyly.min.js)
- High: Secret Pattern (snippyly.js)
- Medium: Network
- Medium: Environment Vars
- Low: Scripts Present
- Low: High Entropy Strings
- Low: Url Strings