registry  /  @thenewlabs/locus-web  /  0.3.3

@thenewlabs/locus-web@0.3.3

AI Security Review

scanned 3h ago · by lpm-firewall-ai

The package provides a browser preview tunnel: a service worker forwards framed-app HTTP traffic and an injected agent forwards WebSocket traffic through a configured transport. This is package-aligned preview functionality, not install-time behavior, and no credential theft, exfiltration, or persistence was confirmed.

Static reason
High-risk behavior combination matched malicious policy.; previous stored version diff introduced dangerous source
Trigger
A user loads the Locus browser preview/bootstrap and supplies a preview target or transport.
Impact
No confirmed malicious attack surface; traffic handling is limited to the user-invoked preview runtime.
Mechanism
Preview-origin HTTP/WebSocket proxy bridge via Service Worker, iframe agent, and MessageChannel.
Rationale
Direct inspection shows a browser-side Locus preview client and tunnel, with no npm lifecycle execution or concrete malicious chain. Scanner flags stem from large Monaco bundles and preview bridge primitives rather than hostile behavior.
Evidence
package.jsondist/sw.jsdist/__locus/bootstrap.jsdist/__locus/agent.jsdist/assets/html.worker-B3Ztmmz2.jsdist/assets/ts.worker-0mEyHVru.js

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/__locus/agent.js patches preview-frame WebSocket and navigation APIs.
  • dist/sw.js tunnels preview HTTP requests and bodies through a configured browser transport.
  • dist/__locus/bootstrap.js accepts user-provided target/transport query parameters for the preview tunnel.
Evidence against
  • package.json has no preinstall, install, postinstall, prepare, bin, main, module, browser, or exports entrypoint.
  • Reviewed runtime code contains no child-process use, filesystem access, credential harvesting, cookie/storage reads, eval, or dynamic code loading.
  • The service worker and agent are preview-scoped bridge components, loaded only when the browser preview is run.
  • No relevant hard-coded external endpoint was found; localhost/example URLs are comments or configuration examples.
  • dist/assets/html.worker-B3Ztmmz2.js contains no bidi control characters matched by direct inspection.
  • Large worker assets are Monaco editor language-worker bundles, consistent with declared monaco-editor dependency.
Behavioral surface
Source
ChildProcessFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 92 file(s), 3.31 MB of source, external domains: bugzilla.mozilla.org, code.google.com, developer.mozilla.org, developers.google.com, drafts.csswg.org, en.wikipedia.org, github.com, googlechrome.github.io, hacks.mozilla.org, help.yahoo.com, html.spec.whatwg.org, r12a.github.io, react.dev, sass-lang.com, schema.org, stackoverflow.com, support.google.com, tools.ietf.org, wiki.whatwg.org, www.apache.org, www.bing.com, www.dmoz.org, www.iana.org, www.ietf.org, www.w3.org, www.whatwg.org
Oversized source lightweight scan
dist/assets/index-3Uf9f5Vt.js4.08 MB file, sampled 256 KB
NetworkChildProcessObfuscatedHighEntropyStringsMinifiedUrlStringsreact.devwww.w3.org
dist/assets/ts.worker-0mEyHVru.js5.64 MB file, sampled 256 KB
FilesystemNetworkUrlStringswww.apache.org

Source & flagged code

3 flagged · loading source
dist/assets/html.worker-B3Ztmmz2.jsView file
22contains invisible/control Unicode U+2060 (word joiner) `,"nexist;":`∄`,"nexists;":`∄`,"Nfr;":`𝔑`,"nfr;":`𝔫`,"ngE;":`≧̸`,"nge;":`≱`,"ngeq;":`≱`,"ngeqq;":`≧̸`,"ngeqslant;":`⩾̸`,"nges;":`⩾̸`,"nGg;":`⋙̸`,"ngsim;":`≵`,"nGt;":`≫⃒`,"ngt;":`≯`,"ngtr;":`≯`,"nGtv;":`≫̸`,"nhArr;":`⇎`,"nharr;":`↮`,"nhpar;"
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

dist/assets/html.worker-B3Ztmmz2.jsView on unpkg · L22
dist/assets/ts.worker-0mEyHVru.jsView file
path = dist/assets/ts.worker-0mEyHVru.js kind = oversized_source_file sizeBytes = 5915668 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/assets/ts.worker-0mEyHVru.jsView on unpkg
dist/__locus/agent.jsView file
matchType = previous_version_dangerous_delta matchedPackage = @thenewlabs/locus-web@0.3.1 matchedIdentity = npm:QHRoZW5ld2xhYnMvbG9jdXMtd2Vi:0.3.1 similarity = 0.957 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/__locus/agent.jsView on unpkg

Findings

1 Critical2 High2 Medium6 Low
CriticalTrojan Source Unicodedist/assets/html.worker-B3Ztmmz2.js
HighOversized Source Filedist/assets/ts.worker-0mEyHVru.js
HighPrevious Version Dangerous Deltadist/__locus/agent.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License