AI Security Review
scanned 2d ago · by lpm-firewall-aiNo confirmed malicious attack surface was found. Risky primitives are user-invoked compiler/JIT and protobuf loading behavior aligned with the SQL workflow package.
Static reason
High-risk behavior combination matched malicious policy.
Trigger
import of bundle.js or user-invoked compiler/JIT APIs
Impact
No evidence of unauthorized execution, exfiltration, persistence, or destructive behavior.
Mechanism
SQL workflow compiler with bundled protobuf/YAML and user-code JIT helpers
Rationale
Static source inspection found a bundled SQLAnvil core/compiler package with no lifecycle execution and no concrete malicious behavior. Scanner protestware/network/secret hits are explained by license/docs/config schema strings and bundled dependencies.
Evidence
package.jsonbundle.jsREADME.mdconfigs.protobundle.d.ts
Network endpoints2
github.com/sqlanvil/sqlanvilsqlanvil.com
Decision evidence
public snapshotAI called this Clean at 88.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json declares no lifecycle scripts or bin; main is bundle.js.
- bundle.js exports compiler/session APIs and protobuf/YAML helpers, not install-time code.
- Only Node builtin required is fs; readFileSync appears in bundled protobuf file-loading helpers.
- Function constructor is used for SQLAnvil JIT/user SQL action evaluation, a package-aligned compiler feature.
- README and proto credential/password strings are configuration schema/examples, not harvesting or exfiltration.
- No child_process, fetch/HTTP client use, persistence, or AI-agent control-surface writes found.
Behavioral surface
ChildProcessShell
HighEntropyStringsMinifiedObfuscatedProtestwareTrivialUrlStrings
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 Critical1 Medium3 Low
CriticalProtestware
MediumStructural Risk Force Deep Review
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings