AI Security Review
scanned 2h ago · by lpm-firewall-aiA packaged standalone auth server exposes a privileged backend credential in source. If executed directly, it runs a local device-auth API with an approval path that does not authenticate the approver. No default install-time or CLI-import execution reaches this module.
Static reason
One or more suspicious static signals were detected.
Trigger
Direct execution of `dist/auth/auth-server.js`; the credential is also exposed to any package reader.
Impact
Backend compromise risk and unauthorized device-token approval if the module is run.
Mechanism
Hard-coded privileged Supabase credential plus weak local device-approval API
Rationale
No concrete malicious execution, exfiltration, lifecycle persistence, or foreign AI-agent control-surface mutation was found. The exposed privileged credential and directly executable weak auth server warrant a warning as a critical vulnerability.
Evidence
package.jsondist/index.jsdist/auth/auth-server.jsdist/telemetry.jsdist/security/redact.js
Network endpoints1
qmxhcjiryoptyzpmysen.supabase.co
Decision evidence
public snapshotAI called this Suspicious at 94.0% confidence as Critical Vulnerability with low false-positive risk.
Evidence for warning
- `dist/auth/auth-server.js` embeds a Supabase service-role credential.
- The same module starts an unauthenticated local auth API and approves any pending device code.
- `dist/auth/auth-server.js` is unreferenced by the normal CLI entrypoint, so no automatic trigger was found.
Evidence against
- `package.json` has no `preinstall`, `install`, or `postinstall` hook.
- `dist/index.js` only starts the CLI after user invocation; it does not import `auth-server.js`.
- `dist/telemetry.js` sends limited version/platform telemetry, not harvested credentials.
- `dist/security/redact.js` and command handlers include secret-file and content-redaction safeguards.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/auth/auth-server.jsView file
5patternName = supabase_service_key
severity = critical
line = 5
matchedText = const su...ok';
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/auth/auth-server.jsView on unpkg · L55patternName = supabase_service_key
severity = critical
line = 5
matchedText = const su...ok';
Critical
Secret Pattern
Supabase service role key (JWT) in dist/auth/auth-server.js
dist/auth/auth-server.jsView on unpkg · L5Findings
2 Critical2 Medium5 Low
CriticalCritical Secretdist/auth/auth-server.js
CriticalSecret Patterndist/auth/auth-server.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings