AI Security Review
scanned 3h ago · by lpm-firewall-aiNo confirmed malicious attack surface. Runtime behavior is aligned with Storybook React rendering and docgen: resolving modules and reading user project source/config files to extract component metadata.
Static reason
One or more suspicious static signals were detected.
Trigger
User imports @storybook/react or Storybook loads its preset/docgen provider.
Impact
Project source files may be read locally for documented Storybook functionality; no exfiltration or install-time mutation found.
Mechanism
React renderer and documentation metadata extraction
Rationale
The suspicious primitives are package-aligned docgen/module-resolution behavior and metadata URLs, with no lifecycle hook, network exfiltration, credential access, persistence, or AI-agent control mutation. Static source inspection supports a clean verdict.
Evidence
package.jsonpreset.jspreview.jsdist/index.jsdist/preset.jsdist/docgen/docgen-worker.jsdist/_node-chunks/chunk-4XOAZREN.js
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- dist/preset.js reads project component/story files and tsconfig for docgen when Storybook presets run.
- dist/preset.js dynamically imports typescript and react-docgen-typescript for optional docgen paths.
Evidence against
- package.json has no preinstall/install/postinstall scripts or bin entry.
- preset.js and preview.js only re-export dist entrypoints.
- dist/index.js sets STORYBOOK_ENV and exports React Storybook composition/render helpers.
- dist/docgen/docgen-worker.js builds docgen payloads from Storybook story entries; no exfiltration or persistence found.
- rg found no package-owned fetch/XMLHttpRequest/child_process execution; network URLs are metadata/docs links.
- No AI-agent control-surface writes, destructive actions, credential harvesting, or broad filesystem mutation found.
Behavioral surface
ChildProcessEnvironmentVarsFilesystem
HighEntropyStringsUrlStrings
GitDependency
Source & flagged code
1 flagged · loading sourcedist/preset.jsView file
259package = @storybook/react; repositoryIdentity = storybook; dependency = react-docgen-typescript
L259: try {
L260: let { withCompilerOptions } = (await import("react-docgen-typescript")).default, defaultOptions = {
L261: [redacted]: !0,
High
Copied Package Dependency Bridge
Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
dist/preset.jsView on unpkg · L259Findings
1 High3 Medium3 Low
HighCopied Package Dependency Bridgedist/preset.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumGit Dependency
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings