AI Security Review
scanned 4h ago · by lpm-firewall-ai
No confirmed malicious attack surface was found. The package is a Stellar Tools API SDK that performs user-invoked HTTP requests with caller-provided credentials.
Static reason
One or more suspicious static signals were detected.
Trigger
Importing and constructing StellarTools, then calling SDK resource methods
Impact
Expected API operations against StellarTools endpoints; no install-time execution or unauthorized local mutation observed
Mechanism
Typed API client built on ky that sends caller-supplied authentication headers with each request
Rationale
Static inspection shows a normal SDK with package-aligned, user-invoked network behavior and no lifecycle hooks, code execution, persistence, harvesting, or agent-control mutations. The scanner secret hit is a base URL in .env.production, not a credential.
Evidence
- package.json
- src/index.ts
- src/api-client.ts
- src/resources/webhooks.ts
- src/resources/product.ts
- src/resources/customer.ts
- dist/index.js
- .env.production
- .env.development
Network endpoints (3)
- api.stellartools.com
- api.stellartools.dev
- api.localhost:3000
Decision evidence
Public snapshot: AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
- Runtime client sends caller-supplied API key/app token as headers to StellarTools API when methods are invoked
- Browser mutation requests post a generic stellar:data-changed message to parent frame
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks or bin entry
- Source implements typed SDK resource methods; network calls are user-invoked through ApiClient
- No child_process, eval/Function, filesystem writes, persistence, or AI-agent control-surface mutations found
- Scanner-highlighted .env.production contains only STELLAR_TOOLS_BASE_URL=https://api.stellartools.dev
- dist/index.js hardcodes package-aligned baseUrl https://api.stellartools.com for published runtime
- Webhook/JWT crypto helpers use caller-provided payloads/secrets locally and do not exfiltrate them outside SDK requests
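The two checks behind the rationale above (no install-time lifecycle hooks or bin entry in package.json; the flagged .env.production line is a URL, not a credential) can be reproduced offline. The following is an added example written for this review, not code from the review page or from the StellarTools SDK. The sample package.json and .env contents, the function names, and the key/value heuristics are constructed assumptions for illustration; only the flagged line STELLAR_TOOLS_BASE_URL=https://api.stellartools.dev is taken from the page.

```javascript
// Added example: reproduces two of the review's static checks on constructed
// inputs. Not code from the review page or the StellarTools SDK; sample files,
// names and regexes are assumptions for illustration.

// npm lifecycle scripts that execute on the consumer's machine when the package
// is installed from the registry. prepare/prepublish* run only for local or git
// installs, so they are reported separately rather than ignored.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];
const LOCAL_ONLY_HOOKS = ['prepare', 'prepublish', 'prepublishOnly'];

// Report the install-time execution surface of a parsed package.json object.
function installTimeSurface(pkg) {
  const scripts = pkg.scripts || {};
  const present = (names) => names.filter((n) => typeof scripts[n] === 'string');
  const bin = pkg.bin;
  const hasBin =
    typeof bin === 'string' || (bin !== null && typeof bin === 'object' && Object.keys(bin).length > 0);
  return {
    installHooks: present(INSTALL_HOOKS),
    localOnlyHooks: present(LOCAL_ONLY_HOOKS),
    hasBin: Boolean(hasBin),
  };
}

// Heuristics (assumed, not the scanner's real rules): key names that usually
// hold a credential, values that look like opaque tokens, and values that are
// plainly configuration (URLs) or placeholders.
const SECRET_KEY_RE = /(secret|token|passw(or)?d|api[_-]?key|private[_-]?key|credential)/i;
const OPAQUE_VALUE_RE = /^[A-Za-z0-9+/=_-]{20,}$/;
const URL_RE = /^[a-z][a-z0-9+.-]*:\/\//i;
const PLACEHOLDER_RE = /^(|changeme|xxx+|<[^>]*>|\$\{[^}]*\})$/i;

// Classify dotenv lines: a KEY=VALUE line is secret-like when the key or value
// looks like a credential, unless the value is a URL or placeholder.
function classifyEnvLines(text) {
  const secretLike = [];
  const config = [];
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq < 0) continue;
    const key = line.slice(0, eq).trim().replace(/^export\s+/, '');
    const value = line.slice(eq + 1).trim().replace(/^(['"])(.*)\1$/, '$2');
    const looksLikeConfig = URL_RE.test(value) || PLACEHOLDER_RE.test(value);
    const looksLikeSecret = SECRET_KEY_RE.test(key) || OPAQUE_VALUE_RE.test(value);
    (looksLikeSecret && !looksLikeConfig ? secretLike : config).push(key);
  }
  return { secretLikeLines: secretLike.length, secretLike, config };
}

// Constructed sample package.json: build/test scripts only, no hooks, no bin.
const SAMPLE_PACKAGE_JSON = {
  name: 'stellar-tools-sdk-sample',
  version: '0.0.0',
  main: 'dist/index.js',
  scripts: { build: 'tsc -p .', test: 'vitest run' },
};

// Constructed .env.production: the single line the scanner flagged as a secret.
const SAMPLE_ENV_PRODUCTION = 'STELLAR_TOOLS_BASE_URL=https://api.stellartools.dev\n';

// Constructed contrast case: same file plus a credential-looking line.
const SAMPLE_ENV_WITH_SECRET =
  SAMPLE_ENV_PRODUCTION + 'STELLAR_TOOLS_API_KEY="sk_live_0123456789abcdefghijklmnop"\n';

// Run both checks over the constructed inputs and return the combined report.
function runChecks() {
  return {
    surface: installTimeSurface(SAMPLE_PACKAGE_JSON),
    envProduction: classifyEnvLines(SAMPLE_ENV_PRODUCTION),
    envWithSecret: classifyEnvLines(SAMPLE_ENV_WITH_SECRET),
  };
}

console.log(JSON.stringify(runChecks(), null, 2));
```

For the constructed inputs, runChecks() reports no install hooks and no bin entry, zero secret-like lines for the flagged file (the same `secretLikeLines = 0` the scanner recorded), and one secret-like line for the contrast file. The URL test runs before the key-name test on purpose: a key such as AUTH_URL or TOKEN_ENDPOINT holds an address, not a credential, and treating it as one is exactly the kind of false positive the page describes.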
Behavioral surface
- Crypto
- Environment Vars
- Network
- Url Strings
Source & flagged code
1 flagged · .env.production (Critical)
- patternName = blocked_file
- severity = critical
- matchedText = .env.production
- redactedSecretContext =
- secretLikeLines = 0
- notes = no secret-like key/value lines found in sampled text
Findings
1 Critical, 2 Medium, 2 Low
- Critical: Secret (.env.production)
- Medium: Network
- Medium: Environment Vars
- Low: Scripts Present
- Low: Url Strings