AI Security Review
scanned 9d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a browser toolbar bundle that loads its UI, Velt SDK, Firebase helpers, and Superflow/Velt APIs when imported in a webpage.
Static reason
One or more suspicious static signals were detected.
Trigger
Browser import or loading the toolbar script on a webpage
Impact
Runtime network calls and DOM/storage changes expected for the toolbar; no install-time or host compromise behavior found.
Mechanism
client-side toolbar initialization and package-aligned API calls
Rationale
Static inspection shows a packaged browser toolbar with expected remote SDK/API use and no lifecycle execution, local file harvesting, shell execution, persistence, or AI-agent control-surface mutation. The scanner secret/network hits are explained by public app configuration, Firebase/Velt bundled code, asset URLs, and user-supplied toolbar API keys.
Evidence
package.jsonsuperflow.jssuperflow.min.js
Network endpoints7
cdn.jsdelivr.net/npm/@veltdev/sdk@us-central1-snipply-sdk-staging.cloudfunctions.net/getprivatenpmpackagefileapi.velt.dev/saapi.velt.dev/v2/sf/tbapp.usesuperflow.com/firebasestorage.googleapis.com/www.google.com/recaptcha/api.js
Decision evidence
public snapshotAI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
- superflow.js injects a Velt SDK script from jsdelivr or staging cloudfunctions at runtime.
- superflow.js includes browser storage/cookie access and Firebase/Velt network clients.
- superflow.js exposes window.Superflow methods and auto-registers superflow-toolbar/snippyly-plugin custom elements.
Evidence against
- package.json has no install/preinstall/postinstall lifecycle hooks and main is superflow.js.
- No child_process, shell execution, native binary loading, or project file writes found.
- Network endpoints are aligned with a browser collaboration toolbar: usesuperflow.com, api.velt.dev, cdn.jsdelivr.net, Firebase/Google assets.
- API key/window-variable handling appears user-supplied configuration, not credential harvesting.
- superflow.min.js is a bundled/minified browser artifact, not an opaque native payload.
Behavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcesuperflow.jsView file
1545patternName = google_api_key
severity = high
line = 1545
matchedText = calc(${t...d=r`
High
1545patternName = google_api_key
severity = high
line = 1545
matchedText = calc(${t...d=r`
High
superflow.min.jsView file
1545patternName = google_api_key
severity = high
line = 1545
matchedText = calc(${t...d=a`
High
Findings
3 High2 Medium3 Low
HighHigh Secretsuperflow.js
HighSecret Patternsuperflow.js
HighSecret Patternsuperflow.min.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings