AI Security Review
scanned 10d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is an observability SDK that can send OpenTelemetry spans to a user-configured collector during runtime, with redaction enabled by default.
Static reason
One or more suspicious static signals were detected.
Trigger
User imports the package and constructs Splyntra or explicitly calls instrumentation helpers.
Impact
Runtime telemetry export may include application trace metadata, but behavior is package-aligned and documented with client-side redaction.
Mechanism
User-invoked OpenTelemetry tracing and optional SDK monkey-patching
Rationale
Static inspection found package-aligned observability code, no install-time execution, no filesystem mutation, no shell execution, no persistence, and no AI-agent control-surface writes. The scanner secret finding is explained by redaction test fixtures using clearly fake example tokens.
Evidence
package.jsondist/index.jsdist/exporters/index.jsdist/redaction.jsdist/instrumentors/openai.jsdist/instrumentors/langgraph.jsdist/redaction.test.jsREADME.md
Network endpoints1
localhost:4318/v1/traces
Decision evidence
public snapshotAI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json has only prepublishOnly build hook, no install/postinstall/prepare runtime lifecycle hook.
- dist/index.js initializes OpenTelemetry tracing only when Splyntra is constructed by user code.
- dist/exporters/index.js exports traces to caller-configured OTLP endpoint, default http://localhost:4318/v1/traces.
- dist/redaction.js redacts credential-like span attributes before export by default.
- dist/instrumentors/openai.js and dist/instrumentors/langgraph.js only monkey-patch target SDK methods after explicit instrumentation and record metadata/usage.
- dist/redaction.test.js contains dummy AWS/JWT/API key strings used as redaction test fixtures, not real secrets or exfil payloads.
Behavioral surface
HighEntropyStrings
Source & flagged code
3 flagged · loading sourcedist/redaction.test.jsView file
8patternName = aws_access_key
severity = critical
line = 8
matchedText = const ou...d");
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/redaction.test.jsView on unpkg · L88patternName = aws_access_key
severity = critical
line = 8
matchedText = const ou...d");
Critical
27patternName = aws_access_key
severity = critical
line = 27
matchedText = const sp...} };
Critical
Findings
3 Critical3 Low
CriticalCritical Secretdist/redaction.test.js
CriticalSecret Patterndist/redaction.test.js
CriticalSecret Patterndist/redaction.test.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings